Keep in mind that cable modems, by industry standards, are required to be controlled and administered by the ISP. Sure, you might have an integrated router/cable modem combo, with a switch that might be supported by Linux, but the modem itself would be useless since even if your build of firmware supported it, the ISP would not allow its use on their network. Manufacturers design modems with this in mind. They may have proprietary firmware, but they are designed to do little more than be a hardware bridge with limited software functions. All functions are controlled by the ISP. _________________ Click here for Eko beta Click here for Brainslayer beta >>>PEACOCK THREAD!<<<
I do NOT offer personal assistance.
Please do not PM me for help.
Joined: 24 Feb 2009 Posts: 2026 Location: Sol System > Earth > USA > Arkansas
Posted: Mon Apr 26, 2010 5:18 Post subject:
socal87 would be correct in his assessment. Your ISP will be people to talk to about locking down to a MAC address.
Quite a few ISPs do a form of ISP locking by taking the first MAC address that attaches to the modem and then limiting any connections to that MAC until you do a reset on the modem. Some of your less dense ISPs will actually do MAC locking down only because they do not have a huge amount of customers to concern with the process. Typically your larger ISPs will make it as easy on themselves as possible (reduced problems and man power) by going as automated as possible. _________________ E3000 22200M KongVPN K26
WRT600n v1.1 refirb mega 18767 BS K24 NEWD2 [not used]
WRT54G v2 16214 BS K24 [access point]
Try Dropbox for syncing files - get 2.5gb online for free by signing up.
Read! Peacock thread
*PLEASE* upgrade PAST v24SP1 or no support.
That doesn't make sense at all. Optimum...New York...Whoever you talked to probably didn't know what -they- were talking about, or they misunderstood you. Any ISP with engineers/admins with any sense in their gray matter uses some sort of MAC locking. Not to the cable modem, but to the end consumer device, be it a router, PC, what have you. The cable modem is more or less transparent. At startup the ISP sends a config file that tells it what DOCSIS spec it needs to conform to, as well as uplink/downlink channels and rates. From there on, it's all about what you have connected to the modem. The modem itself doesn't get an IP address...the layer 3 device behind it does. Most ISPs will limit only 1 DHCP lease per subscriber line...some may register the MAC address of your client (such as Times Warner) while others simply prevent your line from getting another DHCP lease with another MAC address while you still have one active (like Cox, my ISP).
Why do you want to lock down one particular MAC?
EDIT: If you're trying to implement some sort of internal security, wherein only one (or more) particular client(s) may use your Internet connection, I would suggest you use an ordinary cable modem, with a decent router running DD-WRT. Implement MAC security on the router, and keep both it and the modem physically secured if possible. Do keep in mind that this won't prevent against MAC spoofing, but it's a start. _________________ Click here for Eko beta Click here for Brainslayer beta >>>PEACOCK THREAD!<<<
I do NOT offer personal assistance.
Please do not PM me for help.
Yes it will lock to a particular mac, but once you reset the modem, it will go to any new mac of the new device that you attach it to.
I am trying to set up a locked down/firewalled connection at a remote location.
Optimum did say that they can limit what modem can be used at the location, but not the device connecting to the modem.
So so far the best way I have is to connect the modem to a dd-wrt router and configure the router properly. The problem is stopping someone from swapping in a different router.
Physically locking it up is a last resort option as it is not that secure.
I had asked them if they allow static mac mapping from their end, but they said no. They said if your modem can do it then that is up to you.
If we could get it that the modem can only connect to the routers mac, then everything would be secure.
Set up as it is, it should prevent any other MAC than that of the router from connecting. If their policy is as I think it is, then one would have to either reset the cable modem, or perform a DHCP release on the router before swapping it out with something else. Hence my suggestion for physical security.
I'm not sure whether they can control what modem you use. They probably indeed have MAC tables registering that of your modem to your account, so a modem with a different MAC won't work...until either you reset it, or call them and give them the new MAC address. _________________ Click here for Eko beta Click here for Brainslayer beta >>>PEACOCK THREAD!<<<
I do NOT offer personal assistance.
Please do not PM me for help.
Are there any cable modems that allow me to configure them that only a device (the dd-wrt router) with a particular MAC can connect?
Thanks
You may want to consider custom firmware on your cable modem. Some Motorola modems has already. I'd suggest to start from here: http://www.sbhacker.net/forum/
If you install SB5100MoD on Motorola SB5100, you can enable internal DHCP Server and probably configure it the way you need. _________________ Belkin F5D8230-4 ver 1, 4MB Flash, 16MB RAM, FIC ID SA3-AGN0901AP0100.
CPU BCM4704KPB, Switch BCM5325A2KQM WiFi Atheros AR5416. Running dd-wrt.24_Atheros_wifi.
Are there any cable modems that allow me to configure them that only a device (the dd-wrt router) with a particular MAC can connect?
Thanks
You may want to consider custom firmware on your cable modem. Some Motorola modems has already. I'd suggest to start from here: http://www.sbhacker.net/forum/
If you install SB5100MoD on Motorola SB5100, you can enable internal DHCP Server and probably configure it the way you need.
I would not recommend this, as it may result in suspension of service from your ISP. Maybe not so much with custom firmware...but if it enables you to modify runtime parameters, then it's definitely against their ToS...when a cable modem connects to the ISP, it downloads a config file that tells it what channels to use, and at what rate to transmit/receive data. Modifying this file can potentially allow you to use the full bandwidth of your allocated channels, but WILL result in loss of service once they catch you, not to mention very likely legal action. _________________ Click here for Eko beta Click here for Brainslayer beta >>>PEACOCK THREAD!<<<
I do NOT offer personal assistance.
Please do not PM me for help.