Deny new clients from connecting

Hello everyone,

I was wondering if it’s possible to automatically deny new devices connecting to your network.

What I mean by this is, when someone first connects, they have no Ethernet access, until I verify their connection (basically blocking all mac addresses, and only when I verify the device, name it & give it a static IP, it’s allowed to access the Ethernet).

This is mainly to avoid clients from mac spoofing & bypassing filters, or hiding their device names in system log.

Hope someone can point me to the right direction, would be awesome to set this up!:smile:

1 Like

Does this feature meet your needs?

Preset policies in the “Clients” page to block WAN or limit speed by default for all devices using randomized MAC addresses.
We are considering adding it in version 4.1.


Please add it. I also recommend this. I really want this feature. :+1:

Can it be for any new client?

1 Like

For now I think It only for MAC Randomization. Users shouldn’t expect this restriction to prevent malicious intrusions.

But we are also adding parental controls to our develop schedule that can manage all devices.

1 Like

Yes, that would be absolutely perfect!:smile::pray:

I think this possible by appending rules in LuCI → Network → Firewall → Firewall - Traffic Rules:

  1. Accept your Source MAC address list from Source zone LAN to Destination Zone this device
  2. Drop or Reject all other traffic from Source zone LAN to Destination Zone this device

The Randomized MAC address Device Preset would be a useful feature for some people, but may not prevent new clients connecting with non-randomized MAC addresses, if the feature only checks for a specific 2nd digit of 2, 6, A, or E in the MAC address.

I do not work for and I do not have formal association with GL.iNet

1 Like

Agreed. It should be made for all new clients connecting to the router, this would cover randomized Mac and new clients . Much cleaner.

1 Like

Due to scheduling (our new product will be pre-installed with version 4.1), the relevant features will be unified in the parental control module of version 4.2.
In Parental Control, users can block all new incoming devices to access the Internet.