Archer VR900 - How to block specific URLs for everyone?

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Archer VR900 - How to block specific URLs for everyone?

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Archer VR900 - How to block specific URLs for everyone?
Archer VR900 - How to block specific URLs for everyone?
2019-10-29 20:44:27 - last edited 2019-10-30 14:39:45
Model: Archer VR900  
Hardware Version: V3
Firmware Version: 0.2.0.0.9.1 v0069.0

(Apologies if this question has already been answered but the community “search” seems broken for me – always returns thousands of results)

 

Q: How do I block several URLs to everyone on my network?

 

Setting up a Static Route allows me to block specific numeric IP addresses but, although I can see what IP addresses the URLs resolve to NOW, that could change at any point in the future (which is the whole point of human-readable URLs)

 

Parental Controls allow me to block specific web addresses or web address keywords – but only for specific MAC addresses and I want to prevent ANY device on my network (including guests’ phones) from accessing those URLs.

(I did try 00-00-00-00-00-00 and FF-FF-FF-FF-FF-FF but those are rejected as “invalid MAC address format”)

 

I couldn’t spot anything in the limited cryptic telnet interface either

 

How can I block a specific URL (or domain) to everyone?

 

 

Background: I have several items of Sonos equipment including 3 of their CR100 controllers – which Sonos now consider obsolete and later versions of their firmware do not support the CR100 – if the firmware is upgraded for any of the players in the house then, since all devices are required to be on the same version, these controllers will effectively be “bricked”

 

The problem is that as soon as any of the Sonos devices “phones home” it will see that a firmware update is available, at which point an “upgrade” becomes impossible to avoid – and completely IMpossible to revert.

 

So I need to prevent all access to “update.sonos.com”, “update-services.sonos.com” and “update-firmware.sonos.com” – not only for the devices which I have on my network but also for any guest’s phone or tablet which might connect to my network – in case their phone has a Sonos App. (Blocking the whole sonos.com domain wouldn't be the end of the world)

 

I have locked down my system at a previous version (8.4) by blocking the specific URLs on my Draytek ADSL router but I can’t see how to do it for this TP-Link VDSL beast.

 

Thanks for any help

Paul

 

TP-Link Archer VR900 v3.00000000,

Firmware 0.2.0.0.9.1 v0069.0 Build 170303 Ref 59897n (Blue UI)

 

  0      
  0      
#1
Options
2 Reply
Re:Archer VR900 - How to block specific URLs for everyone?
2019-11-12 16:52:35

No one have any thoughts on this?   

 

Even an "It's definitely not possible on this (any?) TP-Link Modem/Router" would save me hours trawling through the Internet in the seemingly-vain hope of finding a solution.

 

Seems strange that they could implement both a system-wide block on numeric IP addresses and a content filter for particular MAC addresses but not a system-wide block on domain name lookup.

 

Just extending the Parental filter to interpret "all-00" or "all-FF" MAC IDs to mean "everybody" would achieve the result without requiring any extension of the user interface - and only one additional "IF" clause internally

 

Ah well. "Heads you lose, Tails you don't win"

 

PS. For anyone else who may have a similar problem: As a workaround, I'm using the free "OpenDNS Home" service, blocking the particular sub-domains - but I would much, MUCH prefer to have the blocking done by devices under my control, rather than having to rely on a Third Pary

  0  
  0  
#2
Options
Re:Archer VR900 - How to block specific URLs for everyone?
2019-12-07 16:23:32

@AgedCynic Can you set up a parental control for your own devices and block the domains in there?
(Sure it wouldn't cover guests' phones but that is presumably only 1% of the problem - and you can't stop them from having already updated anyway - it's your own devices that you don't want to brick)

Add each of the 3 devices to the control then add the filters, something like this:

 

 

  0  
  0  
#3
Options