Hi … new question. One computer on the network is not ours (wife’s work computer). We have to presume it has a key logger on it. Is there a way to assign a different password to that device ? Something to do with vlans? The goal is to disable access to our network by deleting the password that machine knows about. Otherwise it seems like we’ll have to change the password for all our devices or something.
Changing the password of a single device or vlan is just my approach to this problem . My goal is to make it impossible for an attacker to get on our network. Typing the password on that machine I (have to ) assume gives away the password. Is there some other way to achieve security in this situation?
Thank you!!
So I read the manual and it appears to me that my problem has no solution. The VLANs don’t have their own passwords. If anyone has any ideas how to address this issue I’d love to hear it but honestly I don’t think this is a use case this router was designed for.
I will return it tomorrow unfortunately :(; I can tell it’s a quality product but there does seem to be a severe mismatch between my needs and its feature set. My quest for a good home office router with decent security continues !
I wish everyone at peplink the very best !!!
Ahh I had a less depressing solution…lol… run a cat6 to that computer… put that cordless drill to some use!
If there is one feature I would suggest for this wonderful router it’s this- passwords for the individual VLANs as they have for “guest networks”. I have to believe my situation is not unusual these days and in fact it’s physically plausible for someone at her work to wardrive by our house since working from home these days is not related to being “remote” anymore :(.
I am glad I lit on this “solution” and hopefully this will be a solution for other people similiarly situated.
Hi @router_owner,
Before you return the equipment, I would recommend this setup for your device, and if at that point it still doesn’t help then I would lean towards one of the forum Guru’s giving a better answer, and if they still cannot help at that point then I would return the equipment. However, your needs appear to be easily achievable.
Create whatever VLAN’s you need for personal/guest/etc use, but specifically create an additional VLAN for your wife’s computer.
When creating this VLAN, uncheck the “Inter-VLAN Routing” box.
To test this you should be able to ping any other device on any network and get the denial.
Example:
VLAN 10 - Private (inter-vlan checked)
VLAN 20 - Guest (inter-vlan unchecked)
VLAN 30 - Work (inter-vlan unchecked, internal firewall rules set to deny)
You are most likely wanting all wireless for each of these, so create a wifi network for each group, and then assign it specifically to that VLAN. Have your wife’s computer connect to VLAN30 or whatever you set and you should be good.
**Random question - if you suspect the device has a keylogger on it, was it installed by your wife’s company or by accident? If it’s not by your wife’s company you might want to have her contact IT and have the device wiped/replaced. Additionally, if you suspect this, I would suggest never entering any personal information into the device except the bare essentials, and even then that still may compromise something.
Hello @router_owner,
There is a way, though you need to have a much more complex system to do that, VLAN and Port security is done regualrly on goverment and finanical and large corpeate networks.
We have created a guide here within the Forum on how you can do what you want with the Wi-Fi and lots of people have done this for various reasonons including seperating out IoT devices, cameras, printers and guest devices.
Simply created a VLAN and turn of the intervlan routing. Then create a new SSID and associate it only with that VLAN. You now have an isolated Wi-Fi network.
I will have to digest that information, thank you !
The cat6 cable actually solves the problem so I won’t be returning the router.
re: wife’s computer- just my level of hygine at work here is all; no specific reason to think a keylogger is on there and still less that anyone would ever do anything nefarious with it. She works with very nice people. That there could legally be such a thing (it’s their computer) is enough.
I read here that some people have tried to use 40 character passwords also. We’re headline readers and computer nerds I suspect.
I don’t want anyone to have the wireless password except us and my wife’s computer is a potential leak of that information.
For anyone at Pepwave interested, here’s your defacto-salesperson’s work and the proximal cause of me buying this router:
You know I read the German pdf then found that website and made my purchase based largely on its recommendation. It’s a great resource.
I would love to see the organization that created the pdf, Fraunhofer-institut fur kommunikation Informationsverarbeitung und ergonomie, FKIE look at this class of router like they looked at the comsumer class. My impression is those two types of routers are just in two different worlds of security.
