Posted: Tue Nov 24, 2020 16:16 Post subject: Restrict Alexa and any AI system with Router?
I am not a fan and want to limit my exposure to AI. However the wife wants to get a robot vacuum cleaner. The new or higher level machines have neat/better features. I do not want a device walking around the house throwing information out to AI. Thoughts? Is there any filtering or ports to block?
This is a very generic question since every system works differently.
If you want the simplest way. Create a VAP (ie like a guest network) and then setup iptables to prevent access to the internet on that access point. Then connect everything that way. Then whenever you need to log into those wirelessly you have to switch networks to do so.
What does "throwing information out to AI" mean? You mean deny it internet access? Deny access to other devices on the same local network? Other local networks? All of these?
As Wildlion stated, that's such a broad statement, it's hard to give good advice. We don't even know what these devices *require* in terms of local vs. internet access to function properly.
What I do to prevent my IoT devices from sending out data is set up block groups under "Access Restrictions". For example, I have about 8 TPLink smart plugs. I set up a group that includes them all, by MAC address. You can also do it via IP address or IP Range. Whenever I check for firmware updates, I can unblock them all, update them, then reblock them. _________________ Linksys EA8500 (Internet Gateway, AP) - DD-WRT r44719
Netgear R6250 (AP, VAP) - DD-WRT r44772
Linksys EA8500 (Gateway Backup) - DD-WRT r44236
Features in use: Samba, OpenVPN, WireGuard, Entware for Mosquitto
Member #248
Joined: 16 Nov 2015 Posts: 4093 Location: UK, London, just across the river..
Posted: Thu Nov 26, 2020 20:27 Post subject:
yep you can limit smart devices from internet(WAN)side and they will be running only LAN, but its not a solution...as some devices like Alexa internet is a must...
best bet is to isolate them from communicating, from the rest of the network, and communicating between them..
in my case... on my router i've, 1 isolated port (VLAN) connected to a managed switch, capable of VLAN's (isolated ports) and all my smart (IoT) devices are connected there... You can also do it on you router with VAP (virtual WiFI) situated on a isolated bridge....so all devices that use that WiFI will be isolated from the rest of the network... _________________ Atheros
TP-Link WR740Nv1 -----DD-WRT 44538 BS AP,NAT
TP-Link WR740Nv4 -----DD-WRT 44251 BS WAP/Switch
TP-Link WR1043NDv2 ---DD-WRT 45229 BS AP,NAT,AP Isolation,Firewall,Local DNS,Forced DNS,DoT,VPN,VLAN
TP-Link WR1043NDv2 ---DD-WRT 44849 BS AP,NAT,AD Block,Firewall,Local DNS,Forced DNS,DoT,VPN,VLAN
TP-Link WR1043NDv2 ---Gargoyle OS 1.12.0 AP,NAT,QoS,Quotas
Qualcomm/IPQ8065
Netgear R7800 -----DD-WRT 44719 BS AP,NAT,AD-Block,AP&Net Isolation,VLAN's,Firewall,Local DNS,DoT
Broadcom
Netgear R7000 -----DD-WRT 45420 BS AP,Wi-Fi OFF,NAT,AD-Block,Firewall,Local DNS,Forced DNS,DoT,VPN
-----------------------------------------------------------------------------------------------
Stubby for DNS over TLS I DNSCrypt v2 by mac913
Probably not without breaking the entire functionality of the device if it requires internet access to function. There are no assigned ports for "AI" like most stuff these days its probably all APIs running over https. Your best bet if it will work without internet just don't plug it in or associate it with your wifi. If it won't work without internet then find a device that will work without internet.
Probably not without breaking the entire functionality of the device if it requires internet access to function. There are no assigned ports for "AI" like most stuff these days its probably all APIs running over https. Your best bet if it will work without internet just don't plug it in or associate it with your wifi. If it won't work without internet then find a device that will work without internet.
Well that being the key. If anyone is concerned about their privacy, simply don't buy cloud based devices. The worst offenders seem to be cameras, Amazon and Google products. Using HABridge + Home Assistant + Alexa may help alleviate some of that pain, but probably not enough. and buying only devices that are not cloud dependant is also a saviour if your Internet goes offline too. _________________ Linksys EA8500 (Internet Gateway, AP) - DD-WRT r44719
Netgear R6250 (AP, VAP) - DD-WRT r44772
Linksys EA8500 (Gateway Backup) - DD-WRT r44236
Features in use: Samba, OpenVPN, WireGuard, Entware for Mosquitto
Member #248
