[Question] Protecting outdoor LAN port from infiltration? (lemmy.ml)

submitted 3 months ago* (last edited 3 months ago) by brownmustardminion@lemmy.ml to c/networking@sh.itjust.works

12 comments fedilink hide all child comments

If you have an outdoor Ethernet port—in my case with a WiFi AP connected—how can you go about protecting your network from somebody jacking in?

Is there a way to bind that port to only an approved device? I figured a firewall rule to only allow traffic to and from the WiFi AP IP address, but would that also prevent traffic from reaching any wireless clients connected to the AP?

Edit: For more context, my router is a Ubiquiti UDM and the AP is also Unifi AP

you are viewing a single comment's thread
view the rest of the comments

[-] seang96@spgrn.com 8 points 3 months ago

You could probably do an automation with home assistant to disable the report if the device gets unplugged, notify you about it, then require to you approve / re-enable the port.

This of course would require the service to be running, but combined with MAC filtering and placing it on an untrusted VLAN that's probably the best you could do.

this post was submitted on 24 Jul 2024

11 points (92.3% liked)

networking

2776 readers

1 users here now

Community for discussing enterprise networks and the ensuing chaos that comes after inheriting or building one.

founded 1 year ago

MODERATORS

manifex@sh.itjust.works