Hi all,
Looking for advice on the best way to seriously restrict my kids' network access (not JUST internet.) I have a new Asus RTAC68U. I set up my old router credentials as a guest network so as not to have to reset all my IoT devices and put the grownups on the new primary network, so we're already separated from the kids. The kids' devices are still running on the old network credentials along with the IoT devices. My eldest is a 16yo budding network engineer and is clever at finding workarounds (I am not a network professional, just an enthusiast, lol.) In my fairy-tale unicorn solution, I could just say to Google, "let kid1 on the internet" and not have to stop what I'm doing to give them access. Scheduling isn't a workable solution for us (the idea is that network access has to be earned, so think like pay-per-use solutions maybe?)
I thought maybe the easiest way might be to make the network whitelist-only? But the guest networks only allow 16 devices, so that wouldn't be enough to carry the IoT devices. I could set up a new guest network for the kids, but I'd have to modify the existing one to stop them from connecting to it (and that would mean I'd have to reconnect all the IoT devices.) The 16yo already knows about randomizing his MAC address, so blacklisting won't be effective for him, and I'd also like to prevent him from plugging into ethernet to avoid his restrictions.
I've been wanting to better organize my network for a long time, so if this is the point where I need to bite the bullet and reset the IoT, then so be it. Please feel free to advise on what you think the "best-practice" solution would be as a whole and not just for this specific situation.
Other tools at my disposal include an instance of Home Assistant and willingness to change firmware.
Thanks!
Looking for advice on the best way to seriously restrict my kids' network access (not JUST internet.) I have a new Asus RTAC68U. I set up my old router credentials as a guest network so as not to have to reset all my IoT devices and put the grownups on the new primary network, so we're already separated from the kids. The kids' devices are still running on the old network credentials along with the IoT devices. My eldest is a 16yo budding network engineer and is clever at finding workarounds (I am not a network professional, just an enthusiast, lol.) In my fairy-tale unicorn solution, I could just say to Google, "let kid1 on the internet" and not have to stop what I'm doing to give them access. Scheduling isn't a workable solution for us (the idea is that network access has to be earned, so think like pay-per-use solutions maybe?)
I thought maybe the easiest way might be to make the network whitelist-only? But the guest networks only allow 16 devices, so that wouldn't be enough to carry the IoT devices. I could set up a new guest network for the kids, but I'd have to modify the existing one to stop them from connecting to it (and that would mean I'd have to reconnect all the IoT devices.) The 16yo already knows about randomizing his MAC address, so blacklisting won't be effective for him, and I'd also like to prevent him from plugging into ethernet to avoid his restrictions.
I've been wanting to better organize my network for a long time, so if this is the point where I need to bite the bullet and reset the IoT, then so be it. Please feel free to advise on what you think the "best-practice" solution would be as a whole and not just for this specific situation.
Other tools at my disposal include an instance of Home Assistant and willingness to change firmware.
Thanks!
