Search
HomeFeedback and discussionFeature Requests
123

Block devices from Internet but allow local LAN

tl;dr - The current 'Block device' feature blocks the device from joining the local network entirely. It would be very useful to have an additional type of blocking mode that allows full local LAN access, but prevents outbound Internet connections.

Use-case: The main one (for me) is mainly for the millions of IoT devices that people have in their homes. The grand majority of these are not designed with security in mind (default root passwords, lots of unnecessary calls to cloud services for various data reporting, inability to even change these settings, etc.). Lots of the botnets these days are actually composed of these types of devices. Being able to use them in home via bluetooth and wifi (say, a light switch controller, a vaccuum, a kitchen appliance) but blocking them from outbound internet connections would be very useful.

Description of feature:  It’s all about being able to allow a device to talk to the local network (for example 192.168.1.0/24) but then be blocked in any outbound, non-local-subnet connections (i.e. those that will hit the default route (192.168.1.1 in this example) and then be NAT’d by the eero to the public address). The current feature acts more like blocking a switch port… if you block a device, it can literally talk to nothing (including 192.168.1.0/24 in this example).

88replies Oldest first
  • Oldest first
  • Newest first
  • Active threads
  • Popular

  • To be clear, I'm not using whitelisting/blacklisting, I'm using a profile.   I named the profile "No Internet Access" and the profile contains a "Pause Internet" schedule which is active 24 hours a day, 7 days a week.

    If the pause internet function of the eero actually blocks all internet access, then this should be working correctly.   So far it seems to be blocking all internet access, and I can still talk to the camera locally and grab video from it, so it is working locally.

    (sorry these pix seem to be obnoxiously large)
     

    Like
      • gtreece
      • gtreece
      • 1 yr ago
      • Reported - view

      Bob111 you are correct! i had not explored that option, but yes- it looks to be the way to do what i need... much appreciated!

      Like
      • Bob111
      • Bob111
      • 1 yr ago
      • 1
      • Reported - view

      gtreece meh.  turns out it's doing a lot more than blocking internet access now.   Certain things I can still do, like get an rstp stream from the camera, but i can't get snapshots from the http port of the camera anymore.

      Experimented with a couple of local printers and it made them unusable.   They're connected to wifi and all, but I can't print to them, can't ping them, etc.

      I'll just check eero's documentation on how the Pause Internet actually works.  I'm kidding, of course, eero doesn't really document anything for the user.

      Like 1
      • gtreece
      • gtreece
      • 1 yr ago
      • Reported - view

      Bob111 - not good. I've been having issues in general with my Amazon music streams keep getting dropped. I've read that that is fairly common. i had 2 cameras drop this morning, but have not investigated yet.

      Like

  • Are there any updates on this?

    Like

  • Hello,

    do I have to use a different IP address, not 192.168.1.1..... I see in Windows, his IP address is used but I do not know much about it because I don't own that IP address... do I have a way to use a custom IP address?

     

    Thanks

    Like

  • How is this not a feature yet? I'm not paying for eero plug for this simple request.

    Like

  • After 4 years and no fix from Eeros, I suppose we aren't going to see one.

    Is this a hard thing to implement or just something they don't want to implement for one reason or another?

     

    All the same, it makes me contemplating switching out my mesh.  Does anybody know if Orby or TP-Link offer the abilty to allow specific devices onto the internet while blocking others?

    Like 1
      • markles
      • markles
      • 2 days ago
      • Reported - view

      Tmacaddress Yes, TP Link does. As does Asus.

      Like

  • We retired our eero mesh and moved on as eero refused to implement a basic feature that EVERY OTHER reputable router manufacturer supports. And as the go-to person for family and friends who need tech advice, I will always respond with "Not eero" when asked for router and mesh recommendations. Eero, you've displayed a complete disregard for basic security practices and hefted a huge middle finger to your user base on this one. Good riddance.

    Like 2

    • markles we did the same. If you end up on this thread searching for a solution and thinking of buying an EERO, don’t. Return your EERO or don’t order it if you can. This is extremely brutal disregard for modern security practices. 

      Like 1
Login to reply
Vote123 Follow
  • Status Under Consideration
  • 123 Votes
  • 2 days agoLast active
  • 88Replies
  • 2972Views
  • 74 Following
cancel
Mention someone by typing their name
No matching users
Products
How it works
Technology
eero Secure
Support
Find Your System
Cookie preferences
Shop
Careers
Blog
Media room
Legal
Custom installer
Where to buy
eero for Service Providers
© 2023 EERO LLC, SAN FRANCISCO, CA

Home

Need Help? We're here for you!

We're big on support, and we want to make sure you always have the best eero experience possible. Here are several resources you can use if you ever need our help!

Quick links

Community Guidelines

Help Center

Contact eero support

@eerosupport

eero.com