12-18-2023 09:24 PM - last edited on 12-18-2023 11:17 PM by RogersTony
I have Rogers Ignite Gateway Technicolor 2.0 CGM4331ROG. Its Admin WiFi Connection page shows the following Mac Filtering Options for the modem SSID: Allow All, Allow, Deny. There are also sections Auto Learned WiFi Devices and Manually Added WiFi Devices. I found that in both Band Steering (same SSID for 2.5 and 5GHz) and no Steering modes (independent SSIDs for 2.5 and 5GHz) the Mac Filtering doesn't work as expected. Gateway Firewall is set to Medium Security, UPnP and Zero Config are disabled in Device Discovery section. I assume the latest modem firmware 6.2p30s1_PROD_sey is installed???
In my understanding, if Mac Filtering is set to Allow, the modem should NOT allow WiFi connection to any devices not included in the Allowed list. In practice, the modem allows connection to ANY devices from Auto Learned and Manually Added lists in Band Steering Mode, but only with 2.5GHz speed regardless of the connected device speed capabilities. With Band Steering switched off, the modem does NOT allow ANY connection (at least from Windows PC) even included in Allowed list. It only allows connection to any devices when Allow All is selected for a given SSID.
The impression is that Mac Filtering code in firmware is messed up in many ways. Is there a new firmware that fixes it, or what am I doing wrong? I tried to reboot and fully Reset the modem, but it doesn't change the above behavior. Does Mac Filtering still make sense given MAC obfuscation techniques and possibility to set device MAC manually? Rogers Ignite App now doesn't offer Mac Filtering options.
As a separate matter, there is no option in Admin web interface to block Admin login from WiFi, and allow Admin only from Ethernet connected devices. On Remote management page I selected Remote Management Disabled from ANY computer, and the gateway still allows login to Admin web UI from ANY WiFi connected device - maybe because they are considered as Private Network (despite marked as Public connection in the device settings)? Does someone test the firmware options before it's uploaded to customer gateways?
12-18-2023 11:23 PM - edited 12-18-2023 11:28 PM
@arnym21 wrote:
The impression is that Mac Filtering code in firmware is messed up in many ways. Is there a new firmware that fixes it, or what am I doing wrong? I tried to reboot and fully Reset the modem, but it doesn't change the above behavior. Does Mac Filtering still make sense given MAC obfuscation techniques and possibility to set device MAC manually? Rogers Ignite App now doesn't offer Mac Filtering options.
I honestly don't know to what extent Comcast tests that code anymore. Their customers have, in the past, also reported that MAC address filtering is broken: https://forums.xfinity.com/conversations/your-home-network/mac-filtering-on-xfinity-xb8-is-not-worki...
Rogers and Comcast expect that their customers will configure the gateway using the mobile app and only the mobile app.
Rogers is also not really able to provide support for any advanced configuration and defers any such questions (e.g. for Port Forwarding) to the Community.
MAC address filtering still has its uses. I would never rely on it for security but, if you are trying to lock down your in-home network, it sure is handy if any unknown devices can have their Internet access blocked by default and for known devices to have access restrictions put into place depending on their level of trust. It can keep your kids' friends from using your Wi-Fi until you allow them access or prevent kids from bypassing parental controls by changing their devices' MAC addresses.
Rogers and Comcast are making it easier for non-technical users to manage and secure their in-home network. However, advanced users still opt to forego Rogers' support, put their Ignite Gateway in Bridge Mode and run on their own network gear.
As a separate matter, there is no option in Admin web interface to block Admin login from WiFi, and allow Admin only from Ethernet connected devices. On Remote management page I selected Remote Management Disabled from ANY computer, and the gateway still allows login to Admin web UI from ANY WiFi connected device - maybe because they are considered as Private Network (despite marked as Public connection in the device settings)? Does someone test the firmware options before it's uploaded to customer gateways?
There is not really any way to lock down admin access, at least not from the internal LAN side. The "Remote Management" section is used to enable access to the web admin UI from the WAN side of the firewall.
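Added example, not part of any post in this thread: a small audit of a MAC allow list that normalizes each entry and flags addresses with the locally administered bit set, which is what a device presents when it uses a randomized or manually set MAC. The sample addresses and the function names are constructed for illustration.

```python
import re

# Constructed sample allow list (not taken from the thread); formats vary on purpose.
SAMPLE_ALLOW_LIST = [
    "3C:5A:B4:12:34:56",  # U/L bit clear: universally administered (burned-in style)
    "da-a1-19-00-11-22",  # U/L bit set: locally administered, typical of randomized MACs
    "3c5a.b412.3456",     # same address as the first entry, dotted notation
    "01:00:5E:00:00:FB",  # group bit set: multicast, never a client's own address
    "not-a-mac",          # malformed entry
]

def normalize(mac):
    """Return the address as lowercase aa:bb:cc:dd:ee:ff, or None if malformed."""
    digits = re.sub(r"[:.\-]", "", mac.strip().lower())
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        return None
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def classify(mac):
    """Classify by the two low bits of the first octet (IEEE 802 I/G and U/L bits)."""
    norm = normalize(mac)
    if norm is None:
        return "invalid"
    first_octet = int(norm[:2], 16)
    if first_octet & 0x01:
        return "multicast"
    if first_octet & 0x02:
        return "locally-administered"
    return "universal"

def audit(allow_list):
    """Return (raw, normalized, verdict) per entry; repeats are marked 'duplicate'."""
    seen, report = set(), []
    for raw in allow_list:
        norm, verdict = normalize(raw), classify(raw)
        if norm is not None:
            if norm in seen:
                verdict = "duplicate"
            seen.add(norm)
        report.append((raw, norm, verdict))
    return report

if __name__ == "__main__":
    for raw, norm, verdict in audit(SAMPLE_ALLOW_LIST):
        print(f"{raw:20} {norm or '-':18} {verdict}")
```

An entry flagged locally-administered is usually a per-network randomized address, so the allow list stops matching if the device regenerates it.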
12-19-2023 01:33 AM - edited 12-19-2023 01:52 AM
@-G- wrote:
put their Ignite Gateway in Bridge Mode and run on their own network gear
Not sure it's the secure solution either. I had an OpenWRT router behind Rogers Gateway in Bridge Mode, and an Android TV connected to the Gateway via WiFi to not expose the router's WiFi to easy hacking. Nonetheless, someone hacked my lengthy Gateway WiFi password via the TV traffic, and then somehow planted spyware into my PC hooked via Ethernet to the OpenWRT router behind the Gateway. This is despite all Firewalls On, secure configs, PC set to Public network with no sharing, etc.
Apparently, current hackers use secret backdoors and packages leaked into public domain, and they are far more sophisticated than exposed consumer hardware config options, which on top don't work as expected. Yesterday my laptop started dropping WiFi connection to the Gateway, then stopped connecting entirely, so I had to change everything in setup to restore access. Other devices as well started experiencing intermittent WiFi connection problems. I suspected the Gateway firmware was hacked, or some command line code added, possibly via the Rogers Admin UI, which likely requires some default password to access from the subscriber's side. How to find and download latest available Rogers FW version for the XB7?
Is Rogers Advanced Security configurable in any way, or just On & Off black box solution? I switched it On, and it started blocking access to some legit sites instead of watching for unauthorized access to the Gateway.
12-21-2023 08:07 AM
Good morning @arnym21!
I think you may have Parental Controls turned on if certain sites are being blocked. Please log in to the HomeConnect app to check this particular setting:
Use Ignite HomeConnect to turn on parental controls - Rogers
Regards,
RogersCorey
12-21-2023 12:43 PM - edited 12-21-2023 12:44 PM
Yes, it was the reason for blocking the legit websites. Btw, Parental Control apparently doesn't work when using VPN, meaning same websites were showing up for me on VPN. Not sure either why for example XDA forum was blocked by Parental Control? 🙂
I hope Rogers will add some transparency to the Advanced Security feature, with customizable by subscriber options. Even more important to show in Help some examples proving it does prevent unauthorized access to one's home WiFi network.
12-23-2023 12:47 PM
Happy Holidays @arnym21! 😊
We're glad to hear it got sorted out! We appreciate the feedback!
RogersJo