Allow users to use my Wi-Fi; prevent them from using my wired routers

2

3

I have multiple networks and I use basic Cisco routers (Linksys E2500) at each.

I allow users to use the Wifi, but my computers are wired in, and I'd like to somehow prevent users from using their PCs/Laptops and hooking up a wired connection.

How do I prevent users from hooking wired devices to a router?

Given that I do allow use of the Wifi, I can't turn off DHCP and go with static addresses, so that's out.

Moses

Posted 2013-03-25T19:48:30.760

Reputation: 10 813

1Do you have a domain? – Brad Patton – 2013-03-25T19:57:04.017

No, and if so I would of course utilize my options there. Each of our locations is on it's own LAN. – Moses – 2013-03-25T19:58:06.330

I don't think this is possible. There's a thread on the Linksys forums about this as well, and the conclusion there is to physically secure the router/prevent access.

– ernie – 2013-03-25T19:59:32.250

2Good man :) I think your best bet is either an active domain of sorts, or else you will manually need to whitelist/blacklist MAC addresses (not all routers support this, so you may need custom firmware as Kruug mentions below). Even that has easy ways around it though, so running custom lines is an option @techie007 mentions; however, all the empl.. I mean visitors would need are passive splitters. There's no silver bullet, but any or all those measures would do the majority of the work for the "average user" type of guest. – nerdwaller – 2013-03-25T20:17:50.927

Answers

7

Couple/few ideas to consider:

  • Separate your Wifi network from your wired network, with separate IP and DHCP scopes.
  • Get routers that support black/whitelisting.
  • Unplug any jacks that are not in use at the switch/router, and lock the switch/router in a closet. If someone needs one they can buzz you to arrange to get it activated.

Ƭᴇcʜιᴇ007

Posted 2013-03-25T19:48:30.760

Reputation: 103 763

This is probably my best option. I'll get a better router, separate subnets for Wifi and wired, and deactivate unused ports. Thanks – Moses – 2013-03-25T20:24:44.143

6

RJLOCKDOWN sells jack locks for RJ-45 ports that physically prevent plugging an Ethernet cable into the router.

jack lock

RJ 45 Jack Locks can give you the extra physical security that you need. Our customers use our jack locks in a variety of locations.
For example blocking unused ports on a switch to prvent [sic] unauthorized access.

Dennis

Posted 2013-03-25T19:48:30.760

Reputation: 42 934

4seriously ? an allen key ? – Sirex – 2013-03-26T00:49:45.703

1

MAC Address filtering comes to mind, as does turning off the ports not in use. Not sure if the E2500's can do this stock, maybe check out DD-WRT or Tomato?

Kruug

Posted 2013-03-25T19:48:30.760

Reputation: 5 078

1

Keep anything that exposes ports in a locked closet or room. This is pretty much how, say, Starbucks Coffee prevents you from using their ports while allowing Wi-Fi.

If you have sufficiently configurable switch, you can selectively power down ports. So even if you provide ports to junction boxes in rooms, those can be disabled.

Kaz

Posted 2013-03-25T19:48:30.760

Reputation: 2 277

Asked: 2013-03-25T19:48:30.760

Viewed: 397 times

Active: 2014-06-16T16:37:58.933