decided to try these out https://www.ruijienetworks.com/products/reyee-router/Cloud-Managed-Router/RG-EG105G-P-V2 https://www.ruijienetworks.com/products/Reyee-Wireless/reyee-indoor-ap/RG-RAP2260-Series i heard a lot of good things from my friends about thos brand, and since they're not that expensive i decided to buy them.will be installing them next week, if time permits.
The Amplifi Alien just got updated with a new firmware version. The Amplifi app got updated too. Now the WiFi router supports Homekit Security. While I'm well aware that perfect security is a myth, being able to apply some basic security rules for HomeKit accessories especially IoT and smart home devices is better than nothing.
It's a pleasant surprise to see another HKSR-compatible router, especially in the current environment where eero and Linksys Velop have no plans to add them to other routers going forward. The only unfortunate part about the Amplifi Alien is that HKSR only works if it's used as a single node. I've only tried the said firmware during beta, but I've since unplugged it and haven't gone to check if that's no longer the case. If it becomes a mesh (either wireless/wired backhaul) it doesn't work. This is still better than nothing though. If one can cover his entire home with a single Amplifi Alien while requiring HKSR it's another router to consider for consumers. Addendum: I reached out to Ubiquiti for clarification and they advised that it still only works for standalone routers, but they plan to add support for mesh setups in the future after ensuring no critical issues crop up in its present state.
I hope someone can provide some help. I just realized a few months back that my internet speed is slowing down, I even raised a ticket to PLDT and then I was told that the speed is normal, so they ask me to test by turning off WiFi and then connecting directly to the LAN port and it did show the actual speed which is close to my subscribed speed. And then the agent asked me how many devices are connected to the Wifi. It is then that I realized that there are several 'network device' that are connected (which I am not familiar with). So, I started to list/create an inventory of all my devices (and smart devices). I started to filter/block the MAC address of those network devices but then to discover after a few days a new network device connected. I have several 'neighbors' working in call centers and while asking around discovered that there is a tool to get the password (forcefully), I am using a 20-digit password. I must do this check every other day just to make sure that I blocked the unwanted devices. It did bring back my internet speed. I am now using an app that notifies me when a new device tries to connect. So, the help/question I have for this group: 1. What router should I use, that cannot be easily hacked? 2. Is there any app that can stop this?
To start: have you changed your password or are you using the same 20-digit password for your WiFi network? A 20-character password cannot be easily hacked considering all the permutations, and doing so would cost a lot of time and money. Another thing: is your router secure, meaning, you're the only one who can access the settings of the router (i.e. your login credentials are strong)? Are your devices the only one physically connected to your router/modem?
I changed it to 32 characters now (but I can still see new devices once in awhile). I have blocked around 15 MAC addresses, not sure if that means 15 different computers being used to connect The router anow has 32 character password and no one else knows this except me There is only one router connected to the PLDT modem, I asked PLDT to disable the WiFi of the modem.
They could be 15 different devices, or just a couple of devices that use randomized MAC addresses. Recent mobile devices have that feature enabled by default. The slowness of your Wi-Fi could also have been due to an application from a device connected to the network, whether wired or wireless. That one happened to me recently -- all of my access points started to slow down, sometimes even drop from my SDN. Turns out it was my PC (that's not even using Wi-Fi), specifically the Elgato Control Center app, that appeared to have gone wonky after waking from sleep. Quit the app, and the issue's gone.
Good point. It wouldn't make sense for new devices to keep popping up if you have recently changed the password to your network aside from your own devices which have reconnected after the password change.
@Leon21 - I think it would be easier to set up a whitelist of allowed MAC addresses. This way, no matter if they can crack your router password, only the MAC addresses in your whitelist can connect.
I also thought of this, my question is how about the iPhone private relay? I thought the MAC address is dynamic or changes every so often.
Your computer's network card or phone's network hardware has a fixed hardware MAC address. IP addresses are assigned to your mac/phone by your modem/router and could be dynamic. The iCloud private relay hides your IP address by routing your requests through several "relays". Maybe it's similar to what TOR (The Onion Router) does to obfuscate our requests.
This is true for client devices that are not yet using private MAC address randomization. However since iOS 14, watchOS 7 and iPad OS 14, these devices automatically generate their own private MAC address for each network they are trying to connect and for every iOS update, nullifying the whitelist method. Even Windows 10 and 11 have this now (driver support needed). I'm surprised though that MacOS hasn't baked in this feature. A couple of solutions for this problem is to implement a captive portal or the RADIUS protocol. A bit complicated but it will require each end user to dial-in to your network. You can then specifically identify who is connected in your network. To go back to @MharDelaCruz's problem, if you're 100% sure that these connected devices are not yours: Connect your Mac/PC to a LAN port to prevent you from being locked out from your network. Log in to your Wi-Fi management settings. Change your Wi-Fi SSID to a new one (ex: "Get Out", "Pay for your own WiFi", "Makonsensya ka naman"). Set a new password for that SSID. Set the security to WPA2-PSK [AES] (very important!). If supported, set a Wi-Fi schedule (ex: 6am to 11pm only). Turn off WPS if you're not using this feature. Verify your new network and Wi-Fi settings. Reboot your Wi-Fi access point and modem (optional). Please take note of the randomized MAC address feature above if you have multiple Apple devices. It's possible that is what you encountered.
Random MAC addresses are most likely your issue @MharDelaCruz It's not possible to brute force properly setup strong cryptopgraphy, i.e. your wifi, cellphone encryption, ssl, etc. That's why the NSA wants a back door. Do check that telnet port is off in the PLDT ONU. The PLDT admin passwords are all over the internet/google/YouTube depending on the ONU model number.
Hello everyone, i have a question regarding PLDT fibr users especially on bridging their connection. Is it better to request bridge mode thru PLDT or manually bridge PLDT router/modem by accessing PLDT Fibr Onu’s as pldtadmin? Im using an AmplifiHD router with mesh points. TIA
They should do it. ONUs are configured in bulk through the OLT in their CO. Simply put, most of the settings you can do on the ONU will not stick and will either return to the preset configuration immediately or everytime it connects to PLDTs network.
Just call 171 and make the request. The first CSR asked me to fill out a form but didn't say where to send it. I called again to ask and the second CSR said the form is not needed She put in the request and it was done the next day.
If it ain't broke, why not fix it anyway. Got a pfsense appliance from shopee. Celeron J4125 with 4 2.5Gbe ports. After about 3 weeks of burn-in and getting acquainted with it, removed the ERX from the path and have this as the main router. Can easily get 300/300 with Traffic Shaper on. This is really the main reason why I got it so, happy I guess. Sayang and speed boost ni PLDT. ERX can't do QoS above 180Mbps. This one does so with ease. CPU is mostly 0% and only uses 700+MB of SSD data with 8GB of swap space. Not much SSD needed apparently. Could have saved by getting a smaller SSD as opposed to 256GB. I guess can now sort of understand why Lawrence Systems is recommending pfSense with Ubiquiti stuff. Anyway, @oj88, is Untangle the next evolution? Why'd you move to Untangle?
It's natively an NGFW. I just have better control and visibility using Untangle. I find the built-in applications to be more cohesive compared to pfSense 3rd-party plug-ins. The top four built-in apps I use are: Web Filter, Bandwidth Control, Application Control, and Policy Manager, among others. So with my specific use case: I can define how and which endpoints are going to be tagged and gets assigned a policy group like "Kids", "Guests", "Default", "IoT", etc. Each policy group then gets assigned which applications are allowed/not allowed in Application Control, which website or web categories they can/can't access in Web Filter, along with how much bandwidth they can use on a per group, per device, website or application basis in Bandwidth Control. And I didn't even mention the Firewall app, which is but just a footnote, in the grand scheme of things. Let me put it another way.... If I wanted a powerful Layer 3 and 4 appliance, I'll go pfSense. But for modern web traffic patterns and threats, you'd want better granular control up to Layer 7. That's why I switched to Untangle NGFW.
Now I know why you moved to it. As it is, my use is mostly for - IOT VLAN - and Traffic Shaping Untangle sounds interesting. Will check it out. Is it possible to test in a VM? Sometimes just want to play with tech.
It also has a traffic shaper (QoS) and a bunch of other stuff I didn't mention... WAN Failover, WAN Balancer, IPS, Ad Filter (although I supplement it with Pi-Hole), to name a few more. You can run it as a VM. I had it run that way a long time ago but later decided to switch to a bare-metal install because of I/O performance issues with the hardware; It's on an old HP Proliant G7 N40L Microserver from almost a decade ago.