Hello, I own a Beryl A1300, from the GUI in the Clients pane I tried to block a device from the list, but I could observe from AdGuardHome that that device was still making requests. Any advice would be appreciated
Hello,
I tested on A1300 with v4.7.2, and this was not reproduced.
- Enabled ADG.
- Phone Internet normal, the ADG received query of Phone.
- Block the Phone in GL GUI > Clients > click Block button.
- Phone Internet abnormal, and the ADG did not received query of Phone.
How about your configuration?
Hello,
Thanks for looking into this.
My configuration is as follows:
- ISP Router with IPv6 and prefix delegation enabled
- Beryl behind ISP NAT, as drop-in gateway
- AdGuardHome with interception enabled
May you advise in case I need to elaborate more on the topology / setup I have.
As in original post, in GL GUI > Clients > Block button, but I can still se both traffic in the GUI and in AdGuardHome queries coming from the device.
MAC address filtering hasn't played well on my Beryl (nor for the VPN policy, nor manually adding them from Firewall in LuCI / via SSH in iptables), in case that's what the block does, whereas if the filter is applied on IP (which I guess not since DHCP might just give it a different one), maybe is not filtering IPv6?
Edit: My firmware version is 4.5.19 and says is last available, which is different than the one you mentioned testing on.
Thanks
Hello,
I checked this seems is not issue.
Since the GL router as the drop-in gateway, and it is not the primary (main) router, the primary (main) is the ISP router. GL router has not managed the clients.
The ISP router (main) is responsible for the client management, not GL router.
This is not the issue.
Hello,
Why wouldn't the GL router be able to mange its client being the LAN gateway?
I would expect that it acting as drop-in gateway and thus having all the LAN traffic going through it prior routing back to main router, to be able to perform a simple thing as blocking a client access.
To expand a little, Is it for the same reason you mentioned that for example VPN doesn't correctly apply MAC filtering policy (at least in my scenario)?
After all, it is for this reason I have set it as drop-in gateway, having the capability to manage the LAN far way better thanks to OpenWRT and Gl firmware than a stock ISP router, and I believe it might be the same reason many others do.
Happy to be told otherwise whether aforementioned assumptions of mine are wrong.
Thanks
Yes, I think so too.
Drop-In Gateway on GL router has become a LAN gateway, and in theory it should be able to manage the connected clients.
I will submit a requirement to the PM and hand to that evaluate it.
Many thanks, I'll wait for an update on the matter.