Actiontec MI424WR (Rev E) MAC filtering issue
myropod
Enthusiast - Level 1

I tried calling Verizon yesterday, they said they didn't support this issue.  I emailed Actiontec for support, they said it might be a bug and I should talk to Verizon.

Anyway, I'd like to point out that everything works fine until I tamper with this setting, so it's not a critical problem.

My problem is this:

When I log into my router, go into wireless settings > advanced security settings > wireless mac authentication, I click on "enable access list", then "accept all devices listed below", I enter the MAC address for each of the devices I wish to connect to the internet.  (If it helps, these are the devices I'm trying to connect:  One Mac with OS X 10.5, one PC with Windows 7 Home Premium, and one iPhone.)  But when I submit the change, only the first device remains on my list (my Mac), and that's the only device that will connect to the internet.  The MAC addresses for the other two devices disappear from my list.

I've tried rebooting the router and everything, but I always have the same problem.

So, does anyone know if this is a bug in the firmware for the router?

This is the response I got from Actiontec:  "This could be a bug so please contact Verizon with your findings so they can look into it. Verizon owns the rights to the router, we simply manufacture it to the specifications they require.  If the bug is identified they will request new firmware from Actiontec and in due course a new firmware will be released."

Thanks!

10 Replies
dslr595148
Community Leader
Community Leader

There are two main things you should know about MAC Filtering.

#1 MAC Address(es) are always sent in the clear regardless of the type of encryption (WEP/WPA).

#2 MAC Address(es) can be spoofed / cloned.

I would not recommend using MAC Address Filtering. Just use WPA, if you can. If you can not use WPA, use WEP.

myropod
Enthusiast - Level 1

Oh okay, thanks.  I knew about #2, but not about #1.

I'm currently using WPA2, and I've turned off SSID broadcasting as well.  That's probably enough security.

Thanks for the advice!

anis2k
Newbie

FiOS Actiontec Wireless MAC Filtering Broken, Actiontec Forgetting MAC Addresses, MAC filtering not working.

FWIW,

I'm having the same problem as the original poster. My router used to remember all my MAC addresses and now it only remembers a short list. It will show an address that I have just added in the list box but will forget it later on. Which makes it a pain to do things like print a document to my wifi-enabled printer, grab the wifi connection on my phone or try to connect when I bring my work laptop home. Luckily my main laptop is on the short list of remembered addresses.

I have WPA2 enabled with a very strong password. I have locked down nearly every other aspect of the router. I've always used MAC filtering as just another line of defense. This USED TO work. Now nothing will fix it.

I've had the router for 2+ years, have never manually updated the firmware, yet the firmware is up to date. I'm guessing there have been firmware updates pushed down by Verizon that broke this functionality at some point.

It looks like my only option now is to disable the filtering and try it in the future when I notice the firmware has been upgrades.

0 Likes
cmer11
Enthusiast - Level 1

Is NOT a bug, the list CANNOT be done over wireless, you have to be plugged directly to the router in order to be able to do the list.

JCPA1
Newbie

OK, so not a bug, but definitely a functionality limitation.  Will Verizon/Actiontec fix this so that mac address security can be part of the security setup for wirelessly configured routers?

0 Likes
swmkygp
Newbie

It has been working for me but found that it's limited to only 10 MAC addresses entered into the access list.  I had to switch to WEP.  Will see if I can use WPA.

0 Likes
AA1208
Enthusiast - Level 1

Hi, You have to be making the changes to the MAC Filtering on a WIRED connection. I wish all the technical material had made this clear. Anyways, figured it out after a day's tinkering and thanks to one of the posters on this chain. Good luck to everyone who has had this issue. Just use a WIRED connection to make the MAC Filtering changes and you will be fine.

0 Likes
tripower
Newbie

IT IS A BUG!!! Just how are you supposed to have a wired connection to your totally wireless devices such as iPads, Androids, iPhones, etc? I just love the geniuses here who either don't know how to setup MAC filtering or how it is used make comments about something they nothing about.

0 Likes
smith6612
Community Leader
Community Leader

There is a reason why you don't want to manage APs/routers over a Wireless connection, and that might be the exact reason why the list is not edible for users who are administering the router on an all-wireless network (ouch). Since Wireless MAC Filtering requires restarting the daemon responsible for managing the Wireless radio, when you press the Save button you are running the risk of not only a potentially shoddy wireless connection to begin with, you are also risking hosing your configuration file if during the application of settings (which sometimes can brick the router), the wireless link goes down. Honestly, if a trip to the router to make a configuration change is too much to ask, you should probably consider some other avenues to keeping intruders out of the network.

There are some routers running software that wait a few seconds after data is sent to them before applying the new settings for those just-in-case moments, which the FiOS routers may do. I know my MI424WR with DD-WRT takes about 6 seconds from pushing "Apply" before it starts running the task I assigned it, even if the UI shows it was completed instantly, and that is intentional by design.

Now if this problem is truly a bug or if it is by design, I couldn't tell you since I do not have FiOS here or run the firmware on my ActionTec MI424WR.

0 Likes
APD2
Enthusiast - Level 2

I have the same problem as the original poster.  It apparently began on Jan. 17, 2012, when Verizon forced a firmware upgrade to the MC524-WR router in my home, upgrading the firmware to version 20.19.8.  After being stonewalled by Verizon tech support, I tried an e-mail to ActionTec tech support.  They responded almost immediately with the assertion: "When entering the MAC Addresses for wireless devices, it must be done from a computer connected by ethernet to the router. You cannot add MAC Addresses from a wireless connected computer. You should be able to enter a maximum of 10 MAC Addresses to the filter."

I doubted this, since I've had no trouble in the past configuring MAC filtering from a wireless connection, and even now I can do so as long as I don't try to put more than one MAC address in the ACL.  However, we dutifully hauled a computer down to the basement and reconfigured it with a wired Ethernet connection to the Verizon router.  Lo and behold, in this configuration we could put two MAC addresses in the ACL without problem.  Being on a wired connection does make a difference!

So, based on my experience, it seems that MAC filtering can be turned on or off and a single MAC address can be placed in the ACL from a wireless connection, but to put more than one MAC address in the ACL requires a wired connection to the router.  This seems weird to me, but it's hard for me to imagine them doing this by accident.  They must have designed it this way on purpose.

Anyway, I now have the MAC authentication configuration back the way I want it.  I should be OK until the next time FIOS fails and Verizon makes me do a factory reset on the router before they'll believe the problem is at their end.

It would be nice if Verizon/ActionTec would update the user interface on the router to make this restriction clearer, rather than appearing to accept the additional MAC addresses into the ACL and then silently discarding them when the change is applied.

0 Likes