Extended Wi-Fi range but MAC address filtering not working

[anonymous_87]

Hi,

A couple of months ago I extended my WiFi range using an old router. I don't want certain users to constantly use the connection as it slows down the speed. I have already tried MAC filtering on both Master and Slave router simultaneously, and seperately. But it's does seem to have any effect. The devices I tried to deny access to still continue to receive the connection.
Please help me sort this out. The data gets used up very fast.


Thank you for your help

 

[boosted1g]

MAC address filtering is the router equivalent of a padlock or a security chain on the door. It keeps the honest people from going right in, but in absolutely no way prevents someone from getting in that wants in. Your mac address is actually transmited in the clear before encryption even takes place so any wifi sniffer can find authenticated mac address and then the user can spoof theirs.

You also need to disable the WPS crap, it is so easy to hack you can get one-button hack it apps for android/iOS.

You do have your WiFi password protected right? Is it using the ancient (and now very broken) WEP or is it using WPA?

 

[anonymous_87]

Yes the WiFi is pasword protected and it's WPA2 AES

 

[boosted1g]

Ok then.

Change password(s)
Disable WPS on both router/access point

 

[anonymous_87]

It's not that, these are devices used by other people at home eg:my brother. I just don't want him to use it for long periods.

 

[boosted1g]

Ok, MAC address filtering is a designed as a long term blacklist, not a short term setup.
You have to power cycle the router and make it drop all connections for most MAC lists to even work.

What you want then is QoS (Quality of Service) on some routers you can set what services get priority and on others you can set what computers also get priority. You can even set bandwidth caps per computers.

So what it really sounds like is that you need a decent primary router with good features. I have the Asus AC68U with Merlin firmware on it and it has these abilities.

And you should be having the secondary router set as an access point. As an access point the primary router handles all the access restrictions, addressing and everything, and all the access point does is provides another wifi radio and Ethernet ports for connection.
If you have the cable from router1 plugged into LAN port of router2 then you are likely in access point setup, if it is plugged into WAN port of router 2 then you have 2 routers working against each other and not with each other.

 

[anonymous_87]

sadly my router does not have those features. All I want is to reduce the WiFi data usage on specific devices.
Yes the setup is access point through an Ethernet cable plugged into LAN port of router 2.
I understand MAC filtering is long term, I don't mind changing that on and off. But that doesn't seem to work even if I enter the device MAC address on router 1 or router 2.

 

[boosted1g]

Well bottom line you cant expect to get medium to high end functionality on budget grade device. If you want the functionality you have to pay.

You can look into seeing if your router supports being flashed to DD-WRT to get extended functionality, but if the hardware is too low end then performance drop will be noticeable. And flashing a new firmware does come at a mild to moderate risk (all depends on the router) of the flash process ultimately bricking the router.

 

[Pooneil]

Some wifi equipment has the ability to schedule on and off times. If the access point does have that ability, set it up with a separate SSID and password and give only that information to those you wish to put on a schedule. It is only a rough measure but if you cut him off for a long period of time during the middle of the day or shut the AP down at 10PM, for instance, it may accomplish some of what you want. Keep the full access login info to yourself and type it into any devices that are granted full access personally.