this post was submitted on 24 Jul 2024
11 points (92.3% liked)

networking

2824 readers
2 users here now

Community for discussing enterprise networks and the ensuing chaos that comes after inheriting or building one.

founded 1 year ago
MODERATORS
 

If you have an outdoor Ethernet port—in my case with a WiFi AP connected—how can you go about protecting your network from somebody jacking in?

Is there a way to bind that port to only an approved device? I figured a firewall rule to only allow traffic to and from the WiFi AP IP address, but would that also prevent traffic from reaching any wireless clients connected to the AP?

Edit: For more context, my router is a Ubiquiti UDM and the AP is also Unifi AP

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 8 points 4 months ago

You could probably do an automation with home assistant to disable the report if the device gets unplugged, notify you about it, then require to you approve / re-enable the port.

This of course would require the service to be running, but combined with MAC filtering and placing it on an untrusted VLAN that's probably the best you could do.