Block devices from Internet but allow local LAN

This would be an excellent feature on eero. Please add as a standard feature (I.e. don’t add as a subscription feature)

 know this is an old request - but thought I'd add a use case in hopes that it gets bumped up

.  We have two different NAS drives for our house.  One is for media and the other is a RAID for backups of our personal data.  The media one isn't touched much and doesn't need outside access. from a security perspective would like to just have it locked down so I don't have to muck with it with every little security update.

On the RAID - I absolutely  want to make sure that the RAID is not accessible external to our local network as it comes with all sorts of pre-installed software for FTP and SMTP servers.  I've turned those off I believe at the device but it would be brilliant if I could just shut off all Internet access for that device but still let it work on our network.  I occasionally will want to turn it back on in controlled situations so having a easy 'switch' in the Eero software would be really valuable.

Hi,

I think you should try the dmoat home network security device. this device provides security to your home router and builds a security firewall.

I would also like this implemented in the firmware. I have LAN services (ie: Plex) that need to be accessible while the internet is paused. 

Definitely a needed.  I have several IoT devices that I don't want to access the internet.  A simple way to block all ports per device would go along way. 

+1 for this feature! Found this thread while trying to google how to do this with my eero.

There are 3 things still missing from eero to really complete the package for me and this is the number one.

Kinda sucks. My stupid Dlink camera is infected with Mirai and I can't get rid of it. On my old router I just blocked it from the internet and it was fine

cant believe that you haven't implemented this feature yet...  Please, We implore you!  Give us some control over devices that call home incessantly!  Should be a relatively easy feature to code.  Otherwise Eero is a great system.  Please help keep it that way!

By and large I'm satisfied with eero, but this is not the first time I've needed a feature and been quite surprised that eero doesn't have it. This is practically table-stakes. Depressingly, I wonder if this is intentionally withheld to make eero Plus seem more valuable as a service.

After all, the promise of a maintained blacklist of botnets would theoretically justify ongoing payment. But the much simpler solution — whitelisting to local devices only — is easy, and would possibly mean that fewer people would need to pay for eero Plus.

The absence of these sorts of features makes me highly unlikely to invest any further in my eero setup and more likely to jump to Ubiquiti — or anyone else who'll just sell me WiFi equipment without entangling me in a quirky business model.

I joined this forum just so that I could upvote this comment. I need control over this basic functionality and will end up buying another device to get it. Blacklists/whitelists, while a useful feature of the subscription service, are a completely separate issue.

I can't believe this has not been added. It would make sense if Pause = pause internet and block = block device from network. Instead they give you two buttons that do basically the same thing.🤦‍♂️

I have this same concern!  Western Digital (WD) just announced an issue with some of their drives where remote wipes are occurring and recommended that users remove Internet access.  My model is not mentioned as being affected but I would like to remove that access as a precaution; however, WD does not have an option to disable cloud services on My Cloud Home or My Cloud Home Duo (doh!) and eero does not seem to have a way to block only outbound Internet access (doh!).  I cannot disconnect the NAS from ethernet or I lose local network access which defeats the purpose of the drive (Time Machine backups, media server, etc.).  Finally, I am paying for eero Secure but even those controls are not adequate.  You have to block by site so now I will have to use Little Snitch and other tools to try to figure out where the drive is connecting to then block by URL (not impossible but a HUGE pain).

I ended up buying a firewall and putting eero in bridge mode to secure my network and make this request possible. I also advise many people to do this and to not subscribe to the built in security features of eero. Unfortunately something as simple as this feature request not being implemented and is a basic feature of any firewall is costing eero business. The firewall I am using is the firewalla gold. https://firewalla.com/

Given the situation with Western Digital My Book hacks, this is super critical. I'm putting my NAS behind a Cisco SG3000-10 until Eero supports this. I'd encourage others to find a solution for their NAS devices as well.

This is disappointing to see 2 years old. I too have devices that try to phone to China that have no business doing so. They should work perfectly fine with local only communication and I was really hoping “content filter” in eero secure meant I could block all internet content if I wanted.

I would like to thank everyone at eero for ignoring this thread for 3 years, thus proving they don't have a single f-k to give about security or the needs of their users. If anyone doubted what would happen when Amazon bought the company, that doubt has been removed.

Just setup a new eero install. Disappointed to learn I can’t block outgoing requests. Even more disappointed this request is three years old.

This is a must have with all the IoT devices in circulation these days. Come on Eero!

I Googled this functionality and it brought me here. I need this as well. Does Eero ever add any new features? Is this product still being actively developed? It seems lime they haven’t done much of anything to it for quite a while.

Ditto - looking for standard general functionally to control which of my network devices can or cannot communicate through the router to the internet.