Can Firewalla works with wireless router

Follow

Curry C

• April 10, 2020 00:57

I know that Firewalla uses "ARP Spoofing" so all the connected devices will get the fake ARP and will intercept by Firewalla in the ethernet. However, most of the home router already built in with wireless features. I just wonder if the traffic going through the wireless devices to the router (then to internet) will be intercepted by Firewalla.

1

• 

  Firewalla

  • April 10, 2020 01:45

  Good question, please read this first https://help.firewalla.com/hc/en-us/articles/115004292514-How-does-Firewalla-Intercept-Traffic-

  Then the best way to explain this is, 

  1. ARP is layer 2 and little bit layer 3

  2. Wifi is layer 1 and layer 2

  3. IP is layer 3

  4. Ethernet is layer 1 and layer 2

  So, when ARP is spoofing, it doesn't care about the physical layer, it only cares about pairing MAC with IP.  So from Firewalla perspective, it is simply spoofing an IP network ... regardless of what the physical layer is.  As long as the layer 2 protocol understand ARP, the spoof will work.

  Often people ask us, will Firewalla support 2.4 or 5ghz networks ... the answer is simple, we don't care ...

  1

  Comment actions Permalink
• 

  Curry C

  • April 10, 2020 01:51

  Dear support,

   

  Thank you for your quick response. What I concern is that most of broadband routers are built in antenna for wireless, and Ethernet port for wire. If broadband router handles these as two separated network, the ARP spoofing in Ethernet zone may not directly take effect on Wireless zone. Isn't it.

  Thanks ~

  0

  Comment actions Permalink
• 

  Firewalla

  • April 10, 2020 01:54

  The only time that a router handles the network differently is the guest network.  Firewalla can not see the guest network, it is isolated by the router.   But beyond that, firewalla can see pretty much anything on the same subnet.   And it can even see those virtual interfaces that was created inside the router for purposes some of us don't understand.

  0

  Comment actions Permalink
• 

  Joshbowen83

  • April 10, 2020 03:31

  If it cannot see the guest network because it is isolated, does the AP isolation feature (if it exists) have to be disabled to see all traffic?

  0

  Comment actions Permalink
• 

  Firewalla

  • April 10, 2020 16:27

  The best way to check if Firewalla will see or not see is to ping a device that's on the network you have questions with from a device that's connected to the ethernet interface.

   

  0

  Comment actions Permalink
• 

  Curry C

  • April 11, 2020 01:35

  There is no doubt for the connectivity between wireless devices and wired devices. The concern is that Firewalla can provide the ARP spoofing for the wireless device which the WIFI is on the broadband router itself. I will buy the Firewalla but want to make sure it can work for wireless zone first. 

  If you are the Firewalla's user, please connect to your WIFI and then check the ARP whether it belongs to Firewalla or your router.

  Thanks ~

  0

  Comment actions Permalink
• 

  Firewalla

  • April 11, 2020 01:57

  Yes, firewalla should be able to see all the devices connecting to your integrated router's wifi network.  Given these devices are not connected to the 'guest network'. 

  Please see https://firewalla.com/install for installation details, you can find a few pictures on different deployment

   

   

  0

  Comment actions Permalink

Please sign in to leave a comment.