this post was submitted on 24 Jul 2024
11 points (92.3% liked)

networking

2824 readers
7 users here now

Community for discussing enterprise networks and the ensuing chaos that comes after inheriting or building one.

founded 1 year ago
MODERATORS
 

If you have an outdoor Ethernet port—in my case with a WiFi AP connected—how can you go about protecting your network from somebody jacking in?

Is there a way to bind that port to only an approved device? I figured a firewall rule to only allow traffic to and from the WiFi AP IP address, but would that also prevent traffic from reaching any wireless clients connected to the AP?

Edit: For more context, my router is a Ubiquiti UDM and the AP is also Unifi AP

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 4 months ago

Some devices will let you specify a list of allowed MAC addresses per port. I believe ubiquity does allow this.

Some devices will have a whole port security protocol, if they see a Mac address that hasn't been authenticated, the port is put into violation requiring an admin to physically validate it after visiting the port to make sure nothing nefarious happened. I do not believe ubiquiti has this