Remote administrator access using mac address
Have set up remote administration on my router at my business and want to access it from home.
I need to restrict it to management by one comuter at home to tighten security but can only use my computers MAC address as my ip address at home is set by my ISP.
My ISP changes the ip address every time there is an outage for residential customers. I there need the mac address.
When I input the MAC address in the ip/mac address in the System remote configuration it accepts the mac address.
When I try to log into remotely I get the 403 forbidden error. I have reached the right port but I need to put the mac address into the header somehow to get the router to recognise my computer.
Any suggestions on what I am doing wrong.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
CoastalJoe wrote
...
When I input the MAC address in the ip/mac address in the System remote configuration it accepts the mac address.
...
Hi,
Could you please share with us a screenshot of the system remote configuration that accepts a MAC address?
Actually, I doubt what you are trying to achieve is possible.
Would it be enough security for you to establish a connection to your AX1500 via VPN connection instead? You could use the AX1500's built-in OpenVPN Server. Only a computer that has the file with the correct certificate and key would be able to connect.
- Copy Link
- Report Inappropriate Content
Will try open VPN but there seem to be the option of allowing the MAC address in my router.
have included screenshot. Am new to this forum so I hope i did it the right way
- Copy Link
- Report Inappropriate Content
I suppose you use a router at home as well. In this case the router in your office sees your home router MAC address, but not your computer MAC address.
So that's probably the cause for the "403 forbidden error". If you put your home router MAC address it will probably work, but from every device in your home LAN.
- Copy Link
- Report Inappropriate Content
Actually, the last one to see the MAC address of the hardware that connects the user to his/her broadband connection is the Internet Service Provider. This MAC address is not passed on through the Internet.
- Copy Link
- Report Inappropriate Content
Thank you all.
I should have realised the MAC address does not get forwarded. I was hoping it could be inserted in the header of the http request.
I will try the certificate route as there is some good documentation on this and temporarily use IP adress till the next outage.
Thanks again @CoastalJoe
- Copy Link
- Report Inappropriate Content
Thank you I should have realised this was the case. I will investigate the certificate route.
- Copy Link
- Report Inappropriate Content
Thank you.
I should have realised the MAC address does not get forwarded. I do not undersatand why it is an option for remote management.
I will give it my router MAC address but as Wozzle pointed out it will be removed by the ISP
Thank you for your help as it now makes it clearer what my options are.
- Copy Link
- Report Inappropriate Content
Yes, this setting (MAC restriction) would make sense only in a double NAT scenario, when AX1500 is your second router and you're trying to access it from a device in the LAN of the first one.
- Copy Link
- Report Inappropriate Content
If, for example, someone browses to TP-Links website www.tp-link.com from their home computer, then the data packets are not sent straight from the WAN port of the home router to the network card of the server that hosts TP-Link's website.
Instead the data packets travel through quite a few routing points.
If you are on Windows open a command prompt and enter, for example, "tracert www.tp-link.com". You will see how your data packets are routed through the Internet to reach the destination server www.tp-link.com. Each move of the data packets from one router to the next is called a "hop".
Here is my understanding of how it works with the MAC addresses:
It's not like your modem's or router's MAC address gets intentionally removed by the ISP.
The device that comes right after your modem or router (should be the first IP address that doesn't look familar to you) will know the MAC address of your modem or router. For the next "hop" shown by the tracert command the MAC address would be the MAC address of the ISP's routing device and so on.
- Copy Link
- Report Inappropriate Content
When you allow only the computer MAC address for remote management, did you try disabling HTTP Referer Heed Check on the same page?
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 1399
Replies: 10
Voters 0
No one has voted for it yet.