Learn how router MAC filtering works

What is router MAC filtering

First of all we are going to explain what is the MAC filtering function in the router. Your mission is restrict network access to a specific device or group of computers. For example, let’s say we have a computer and we don’t want it to connect to the home network. We would have to know what its MAC address is and create a filter on the router.

Keep in mind that each time we have more connected equipment to Internet. This has its advantages, but problems can also arise. Within the latter we can name possible errors due to having too many devices connected and also a greater security risk.

Especially you have to think about what is known as the Internet of Things, which are all the home devices that we have connected to the network. We are talking, for example, about televisions, a robot vacuum cleaner, light bulbs, video players … All of them are connected wirelessly (or some by cable) and we can create different filters to allow or not their connection.

We could create a MAC filtering in the router so that certain devices can’t connect when we activate it. For example, if we are going to be away from home for a long time and we do not want the television or any device to connect to the router and that could pose a security problem in case a vulnerability appears.

How MAC Filtering Works

Modern routers often include this built-in feature. We will be able to create both black and white lists, according to what we want. In the first case, what we would do is add devices to a list and all of them would have access to the network without problems. In the second case it is the opposite: we add devices so that they cannot connect.

Therefore, a MAC filtering has a double focus. If we are only interested in blocking a specific device or a few, it is best to create a blacklist and include them. On the other hand, if what we want is to block all connections and only allow the computers we trust, we would have to create a white list and include them there.

What the router does is identify each device based on your MAC address. If you find that that address is on any list we have created, then that is when you would act. That address is unique for each network card that a device has. For example, a simple smart watch that has Wi-Fi will have a unique MAC.

Steps to create a MAC filter

So how can we create a MAC filter on the router and prevent certain devices from connecting? This process is very simple, although it may vary slightly depending on the type of device we have. We are going to see the generic steps that we must take to create a list.

The first thing to do is access the router. We can do it through the default gateway, but also in many models it is possible from your own application. If we use the gateway, we must know what it is. Usually it is and then enter the data, but it may be different.

We have to go to Start, enter the Command Prompt and execute the command ipconfig. This will show us a series of data, among which is the default gateway. We just have to put it in the browser with the corresponding data and we access the device.

Know default gateway

Once inside it will depend on the router. The normal thing is that we have to go to Wi-Fi or Wireless and Security. There the option of MAC Filtering or MAC Filter will appear. We have to activate it and check if we want to create a list to block those addresses or allow them (white or black list). You have to fill in the corresponding MAC addresses.

Does MAC filtering really protect us?

This point is undoubtedly very important and must be explained in detail. We can think of it as an additional security barrier to the password. In a way it is, but it is not effective. If it is an inexperienced user, who simply knows what our password is due to some error such as that he has seen the password under the router, it may be enough and he cannot enter.

Now, if it is an experienced user who has managed to break our Wi-Fi access password, actually having MAC filtering or not is not going to do more than lose a few seconds to that intruder. It is an ineffective measure and it will not pose a difficulty for someone with the appropriate knowledge.

This is so since it is possible clone MAC address of a computer that is connected to that Wi-Fi network and, in this way, to be able to connect without restrictions. It would simply be necessary to use a network sniffer to capture packets and locate the connected clients to obtain the MAC.

Therefore, we can say that really MAC filtering does not protect us. Yes, it can be interesting in certain circumstances, such as that one of our devices does not connect to the network or create a basic barrier so that someone without the necessary knowledge could not connect.

However, MAC filtering is a function that we will find in most routers on the market. Either through the default gateway and access from the browser or through the mobile application, we will be able to easily create a white or black list. Of course, if we seek maximum security, our advice is to focus our efforts on creating a Wi-Fi key that is strong and secure, as well as current encryption.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *