\wrt610n - Are access restrictions broken?

Similar Messages

• WRT610N V2 Access restrictions & https protocol (bug?)

  In case this helps anyone else.
  I was having problem setting up a simple access restriction. A 'Everyday' time blockage for one particular MAC address.
  When I changed the time range and tried to save the change I would lose contact with the router and it would not take effect.
  I have the router set to use https. I administer it over wireless using the html interface from Firefox on various WIndows machines.
  What seems to be the problem is that I cannot save the settings change in https mode. When I do that I do not get confirmation that the setting was changed and the router changes back to http mode - so continued attempts to reach it on https fail.
  Once I get smart enough to change back to http I can access it. I see the change was not saved. The interface still has the https option checked... I have to toggle it off and toggle it back on to re-stablish https operation.
  (I am using the current 2010 firmware release)
  Solved!
  Go to Solution.

  Thanks that did it - re-reading your post I perhaps didn't do it quite right - I did the full reset before flashing it but it seems to have worked.
  Also I found I did not have the latest firmware - not sure why I missed it before as I definitely checked since the created date - but perhaps it was uploaded later. That resolved a couple of other minor issues I had.
  One minor remaining irritation is I think I cannot set an access restriction between 23:55 and 24:00. Assuming it still doesn't allow a Deny time range crossing midnight then the latest end time I can set it to is 11:55 PM (I tried 12:00 AM but it refused to permit an end time prior to the start time).
  Hope my son doesn't discover that 5 minute window.

• How to set 'colliding' access restrictions in wrt610n - what are rule preferences?

  Hello. I want to set up access restrictions to one MAC address (my kid's machine) basing on week days. From Su to Th allow less access time while during Fr-Sa afternoons access time should be longer. The question is how to program it in router. I know I can set rules with "allow" and "disable" keyword, but I don't know rules preference.
  When I set (Su-Th 6-21) allowed access time then router automatically denies defined machine internet access outside this time range. The problem is in the power of thus calculated denying time. I want to allow more access time in weekend, so I hoped if I can simply add "Fr-Sa 6-22:30 allowed access time" rule. I hoped that router will regard explicitly set time over inexplicitly set  time but it appears it is not so.
  Does anyone know the rule of rules? What are their preferences/priorieties, iis it possible to stack more rules affecting one MAC address or it is so simple that the first rule "rulez"? Is it possible to set more than one time rule affecting the one machine?
  Solved!
  Go to Solution.

  Agh! Thanks for your reply, it was good incentive to test the problem little more. Now I'm pretty sure that wrt610n algorithm has problem - it lies with power cuts. In my flat, the last internet user usually turns off power board when goes to sleep. After power is resumed router seemed to work flawlessly yet herein lies the problem and I hope I've found solution.
  The tests I have done:
  1. 2 rules (as mentioned in my first post). Kid's machine works (this is day now). Didn't played with rules times. Just turned router off. When router was turned on, two other (parents) machine get internet access while kid's machine didn't! Kid's machine was banned from internet against the rules. Router has proper time set - I checked it's status.
  2. I turned both rules to "disable access" versions (1. disable access Su-Th 21-23:55; 2. disable access Fr-Sa 22:30-23:55). This rules should work almost the same way (the only problem is, that no rule can expand over midnight, so the third rule should be added, banning access from midnigts to early mornings). The router was switched off. Then on. All three machines now has internet access. I hope, router will ban access in the afternoon automatically, as is set
  My deduction. Algorithm bases on time points. When marked time comes, algorithm do, what it should do (but only, if router is powered). When you set "turn internet access on" time (this is "allow rule"), router turns on the access precisely at the chosen moment of time. If router was dead at that time, it doesn't turn the access on however, when power is restored. But when you set "disable rules" in place of "enable rules" I hope it should work and I tested, that this way router gives access after turning it on. Router should disable internet access to the kid's machine at selected time - at least until smart kid does not turn the router off a few seconds before the switch_off time and soon after turn it on But then there is plenty of more powerfull means of control, so I don't worry too much Yet it seems to me, there is a flaw in algorithm, which doesn't run properly after power on.

• Access restriction based on Sales Units / Sales Area

  Hi all,
  I am looking into the access restriction functionality on business roles.
  One of our customers has a requirement to separate data between their different sales organisations. One sales organisation should not see customers, opportunities of the other sales organisation and vice versa.
  In the access restriction I see that the access context defines on which elements you can set the access restriction.
  For customers and opportunities the possibilities are: Employee or Territory.
  Setting the access restriction on Employees is not a solid solution for me (when the employees are changed in the org model, the access restriction is influenced on several business roles..)
  So what if we do not use territory management / if the territory management setup differs from the actual sales areas / sales units?
  So my main questions are: can we set access restriction based on Sales Units? (we will setup integration with SAP ERP which means we cannot enter sales areas for prospects...). And can we influence the access context or do we need developments for that?
  Kind regards,
  Jasper

  We plan to enhance the access restrictions based on sales organization and distribution channel in a future release.
  If you setup territory management, we offer sales office and sales group including sales organization as attributes to define a territory if you are connected with SAP ERP.

• Wrt610n after upd to 2.00.01 tab "Access Restrictions" was gone

  Hello. I decided to update firmware on wrt610n from 2.00.00 B05 to 2.00.01. After it - tab "Access Restrictions" was gone. Can I use this function on this version? If not where I could download firmware by 2.00.00 B05 version?
  Solved!
  Go to Solution.

  Seems weird. I’ve checked on the release notes and FW version 2.0.01 B015 included a fixed on access restrictions. Have you tried powering off and on the router after the update? If power cycle won’t work, you would need to press and hold the reset button for 30 seconds and totally reconfigure the router’s settings. All tabs should be present after reset since it would restore all settings back to factory defaults.

• Access restrictions timing off by 1 hour

  I don't know if anyone else is experiencing this problem.  I have set access restrictions on my WRT610N router and they execute an hour earlier than set.
  I checked the time zone settings, the system clock and all seem correct. I have a rule that is supposed to turn off access to the Internet at 11:55pm. However, the rule gets executed at 10:55pm.
  This was happening on my first WRT610N which was also dropping network connections. So, I returned that unit and got a replacement.
  The new unit does not drop connections but has the same timing problem.  The only solution I have found is to change the time zone to the next one that is 1 hour behind my time zone.
  Please let me know if anyone else has experienced this same situation.

  My ISP is on the same town as I am. The information they are supplying appears to be correct as my WRT54G uses the same information and its rules execute properly.
  I think there is a problem with the WRT610N. My solution is temporary I hope that Linksys will fix this problem. 

• Can't get Access Restrictions to work WRT54G v3

  I am trying to get a cell phone to have access to my LAN from 3am to 7am.  I gave the policy a name, allowed access, checked everyday and the time 3a to 7a.  Under edit list of PCs, I entered the MAC address of the phone, and I have also entered the MAC address of the phone on the wireless>edit mac filter list, though didn't know if I should.
  Anyway, I can't seem to get the Access Restriction to work and would appeciate any guidance...thanks

  hmmmmmm... have you tried using the IP address instead?  based on my experience, the Acces Restriction policies are a bit tricky. 
  Too bad the WRT54g has no parental controls which is a lot easier to configure.
  "Don't fix it if it ain't broken."

• WRT54GL Cannot get access restrictions to work

  I purchased a WRT54GL router (v1.1 with  firmware 4.30.7) and I cannot for the life of me get the access restrictions to work.  I made three policies, one for my PC with 24/7 access and one for the kids PC with access from 7pm to 9pm during the weekdays and another for the kids PC with access from 12pm to 10pm on the weekends.  whenever I enable the policies, my PC can access the internet but the kids cannot (of course during the proper times).  When I disable their policies they still cannot get on till I also disable my policy.  I have gone thru everything I can think of including multiple hard resets but access restriction simply will not work.
  Of course there is no mention of my hardware or firmware version anywhere on the linksys support system!  Anyone have any thoughts?

  hmmmmmm... have you tried using the IP address instead?  based on my experience, the Acces Restriction policies are a bit tricky. 
  Too bad the WRT54g has no parental controls which is a lot easier to configure.
  "Don't fix it if it ain't broken."

• WRT54G2 and WRT54G locks-up (freezes) when blocking web sites using Access Restrictions

  I am convinced that a few Linksys routers such as WRT54G2 and WRT54G have a major issue when blocking web sites using Access Restrictions (Internet Access Policy). After a few hours of internet access by 15 wired users the Linksys locks-up and blocks all internet web access. The only solution is to restart the power on the router.
  We are currently using a Linksys WRT54G2 v1 (firmware 1.0.04). We upgraded the WRT54G2 v1 firmware to the latest 1.0.04 version which did not resolve the issue.  NOTE: We were previosuly using a a Linksys WRT54G v1.1 (firmware 4.21.1) until the power supply blew a week after we started blocking web sites using Access Restrictions (Internet Access Policy).  
  Basically, we have a T1 internet connection and a hub connected to the Linksys router. We are trying to block several web sites such as facebook, myspace, etc. for 15 wired users. We do not use wireless connections.
  This is the 2nd time it happened with 2 different models.
  Please help ASAP.
  Thank you,
  Lance
  (Mod note: Edited post. Some parts off topic.. Thanks!)

  Also,  you have already upgrade/re-flash the firmware of your Linksys Router you need to reset and reconfigure your router from scratch. Press and hold the reset button for 30 seconds...Release the reset button...Unplug the power cable from your router, wait for 30 seconds and re-connect the power cable...Now re-configure your router...

• How to configure CLI/DNIS based access restriction in 5.3 ?

  Hi,
  does anybody have an idea how the setting
  define CLI/DNIS-based access restrictions which is defined in ACS v. 4.2
  can be configured in acs 5.3 ?
  in v. 4 for every user in a group with 40 members  a different CLI is defined for each. How can I configure that in version 5.3 ?
  any help as always much appreciated!

  The equivalebt to NAR functionality can be found at:
  Policy Elements > Session Conditions > Network Conditions > End Station Filters
  Can then define an object with a set of CLI values
  These objects can then be used in policy conditions. So can create a condition with a set of CLI values and then match in authorization policy for values that are included in this set and set authorizations accoridngly
  Not sure if this is your use case but hopefully may be a start

• WRTU54G-TM Slow Setup Page and HTML Error on Access Restrictions Page

  I have a WRTU54G-TM Wireless Router.  It has v1.00.21 firmware and I have done a reset with no solution.  Everything seems to work, except the setup pages load very, very, very slow.  Also in Internet explorer I get an HTML error on the access restrictions page. Resets don't help.  The router did not have this issue until about a month ago that I recall.  I can see on the access restrictions page the gray shading is all lined up except at the bottom on the page, like ther is some sort of issue in the html within the router.
  One more problem, after I reset the router the saved config file I made would not change the default settings back, I had an older saved config file also, it would not work either.
  Is this an issue with this firmware version?   Any one else see this?
  Message Edited by johnsonle9 on 01-24-2010 01:24 PM
  Message Edited by johnsonle9 on 01-24-2010 01:24 PM

  Are you getting the same problem with another computer...?
  Try using different computer and check if you are getting the same problem or not...If yes then,I would suggest you to re-flash/upgrade the router's firmware,reset the router and re-configure it from scratch..Do not use the save config file.

• Access restriction in Universe

  Hi All,
  In our environment we have 2 domain (US and Europe) and most of the user have id created for both the domain. We have 2 identical databases one in US and other in Europe. US database holds US information and Europe holds Europe data. 
  In our BO environment we have set the ad groups to create new id for each user Alias i.e if the user abcd has access in both US and Europe domain BO creates 2 separate ids for each domain (bo internally creates abcd and abcd0). We have only one universe and set of reports which has connection switching based on the domain user logs into BO (access restriction at connection level). This works absolutely fine, switches database connection depending on the domain user logs in.
  Now we are hearing from our users that they can access the personal reports created under Europe login in US login (this because users has abcd and abcd0). So we decided to create enterprise id and alias the users from AD group (abcd --> alias AD abcd), if we do this the change the connection swap is not happening as the BOUSER always returns abcd as user and universe restriction is only picking the default connection.
  Thanks
  Srinivas

  Hi,
  As you have mentioned in the post that OS is solaris. so for Solaris LAFix has been released by PG for this issue.Below are the details:
  VERSION:     XIR3.0 LAFix0.18
  PLATFORMS:       Solaris Solaris 10
  LANGUAGES:       English
  ADAPT ID:      ADAPT01099598
  Synopsis:     Universe connection override does not work u2013 Error WIS 10901
  WARNING: This LAFix has not been through a full regression test cycle but it has been deemed to fix the problem reported by the customer.  Inadvertent introduction of an unforeseen issue can however not be fully excluded. Before providing this LAFix to the customer, Customer Assurance must perform their own tests to confirm customer issue is solved.
  ADDITIONAL INFORMATION
         Installation Instructions :
  1.     Stop all BO Enterprise services, e.g <BOE_DIR>/bobje/stopservers
  2.     Gunzip and Untar  XI3.0_RHEL_LAFix0.18.tar.gz
  3.     Change directory to <EXTRACTED_LOCATION>/LAFix0.13/DISK_1
  4.     Run install.sh
  5.     Re-start all BOE services, e.g ./startservers
         Uninstall Instructions :
  2. Run uninstallpatch.sh from your system.
       New Behavior :
              The above issue is now resolved.
       Limitations :
              No known limitations
       Component(s):
        libuum.so
  Note: LAFix is released on top of XI 3.0
  To download the or get the LAFix you need to contact to your Sales Account Manager of BusinessObjects.
  Cheers,
  Deepti Bajpai

• Session and Access Restriction

  Hi:
  I have this problem with access restriction. I was trying to build a "secure" site with sessions where users are able to login and access secure webpages upon successful login. And these webpages are not available as soon as the user session expires or terminated. However, from time to time, these web pages are still accessible after logging out by pressing "back" button on the browser or book-marking these pages.
  I noticed that Hotmail and old Yahoo mail system have the same problem as the one that I have just described.
  I am not using https or virtual host or anythind like that, because I didn't have the resource. It is supposed to be a Basic Authentication (login/password) scheme.
  Could any one light me some fresh ideas?
  Thanks
  Tian Lei Xia ":)

  To avoid the bookmarking problem, set a session attribute with the login details.
  Once they login:
  if(request.getParameter("username")!=null)
       session.setAttribute("username","personA");
  if(session.getAttribute("username")==null)
       //don't display the page
  else
       //show them the pageThis is a very basic technique and there are other ways of doing this. As for logging out then the session should just be invalidated.
  An alternative would be to use the security features of the web deployment descriptor and get the web container to handle the sessions for you (See servlet API specs 2.3 for more details).
  Good luck,
  Anthony

• Cisco ISE Machine Access Restrictions MAR

  I want to test out MAR.  I notice there is a tick box on the ISE for MAR under: Identity Management --> External Identity Sources --> Active Directory --> Advanced Settings --> [tick] Enable Machine Access Restrictions
  but also there is this condition that is to be used in the AuthZ Policy
  Network Access:WasMachineAuthenticated           
  So...
  What does the tick box option do?
  Are they related or refer to different things?
  Are both needed to get a MAR AuthZ to work?
  Any of clarifying or beneficial info?
  thanks

  Hi,
  Your are correct you will have to create an authorization condition that checks if the machine authenticated successfully.
  So...
  What does the tick box option do?
  When you enable MAR globally it lets the ISE know to build a cache  for endpoints that successfully perform machine authentication.
  Are they related or refer to different things?
  They work hand in hand.
  Are both needed to get a MAR AuthZ to work?
  Yes, you will have to create another authorization policy to allow domain computers to connect.
  Any of clarifying or beneficial info?
  When MAR is enabled, you will have to enable machine and user authentication to your laptop, after MAR succeeds ISE builds an entry in its database mapping the endpoint (mac address) to a successful machine authentication, after when a user authenticates not only do they have to provide the correct credentials but the mac address they are authenticating through will have an entry in the "MAR cache", keep in mind that some supplicants only perform machine authentication when logging on and off, and on boot up. If you want to use MAR i suggest using the Anyconnect NAM client, there is a new feature in ISE 1.1.1 and the latest client that allows you to perform eap chaining.
  Thanks,
  Tarik Admani
  *Please rate helpful posts*

• Downgrading firmware on WRT54G/access restrictions

  I had a WRT54G.  Access restrictions worked.  I upgraded the firmware and the access restrictions no longer worked. 
  So after researching, it appears the firmware I upgraded to was buggy and the access restrictions didn't work with the new firmware.  I couldn't figure out how to downgrade back to what I had. 
  Called Linksys and ultimately they said they would send a new router.  I asked if it would have the old firmware that my router had previously, where the access restrictions worked.  Yes, they said.
  New router arrives today.  Firmware is v1.02.2, June 7, 2007.  NOT the prior firmware.  Sure enough, the access restrictions still do not work on this router either.  I don't want to spend yet another two weeks trying to resolve this with Linksys.
  Question:  Is there a way to downgrade to firmware where the access restrictions actually work for WRT54G?  If so,
  what version should I downgrade to?
  where do I obtain it? and
  can I download the firmware and then install it using the administration/upgrade firmware tab on the router (even though it is a downgrade)?
  Thanks very much for any thoughts.

  Thanks for the suggestion, Badboy.  Unfortunately, although I could download the firmware and successfully load it onto the router, the access restrictions in that version do not work either.
  It doesn't seem as though all prior versions of firmware are on the ftp site, ftp.linksys.com.  For example, I also have a wrt54gs v. 4 (speedbooster) with the same access restriction problem.  It currently has a firmware version loaded that doesn't appear to be listed on that website.  (I couldn't download prior firmware for that version that worked.)  So, perhaps prior firmware exists for the wrt54g v. 6 that is not listed on that site also.
  Does anyone know if there is another site that has a more extensive collection of prior linksys firmware? 
  If not, I suppose I can call linksys again, but even if they send yet another router promising the old firmware on it, I suspect the message is just going to get lost between the promise made on the phone and the guy in the warehouse filling the RMA order.