I replace my Synology 6600 router yesterday with the Gl-iNET Flint 2
On the Synology (put also in most router i used in the past, even openWRT and Tomato) One thing i like a lot there, is that i can set an “approoved” MAC filter list.
So everytime someone want to connect his Cell (or any WIFI device) to my router, i asked him for the MAC of his Phone, and add it. That prevent my kids to share the PASSPHRASE with their friends.. and worse, as now those phone can have a rotated MAC adress.. they can switch when i block a MAC adress….
I assume there maybe a location in the router when i can set those filter ?
Under the “Clients” section.. i see the “Access Control”.. but stated that if i want to only allow device, i need to add all of them there first (WIFI and LAN).. compare to Other router where i can use an Allow list only for WIFI.
The short form answer is limit the DHCP pool @ GL GUI -> LAN -> DHCP Server for random devices & use 'Address Reservation' — aka static leases — for any dedicated devices (eg: a NAS, IP cameras, computers, etc.). Combined that with the Clients options for the MAC control.
For another setup using advanced set up for further fine tuned control: quarantine 'em even further. Put'em on a Guest/dedicated VLAN. Make sure they know they have to expose their real MAC to use it, assign static IP leases of 'infinite' (LuCI -> Network -> DHCP & DNS -> Static Leases) & limit the number of IPs that DHCP pool that VLAN hands out. No real MAC? No Wi-Fi to WAN!
This HOW-TO will also work on your Flint v2. Adapt as required. Enjoy:
You can do this in luci, the advanced settings in the gl ui.
Navigate in luci:
network -> wireless, edit the band scroll down and there you have tabs, it is in one of these tabs.
Just a note:
If you use a different sdk than just op24 the chances are that luci doesn't work perfectly or the whitelist doesn't work within luci, you may consider changing this.