# How to setup "Access Control" for my children



## Vako (Mar 23, 2011)

I have a D-Link DIR-615 and am trying to set up the Access Control so that I can restrict Internet connection from midnight till morning (to keep my teenage kids from staying up half the night on the Internet)
Anybody have any step-by-step advice on how to do this please...?
I can step through the Access Control set up, but I don't see how I can block only one MAC address or computer from accessing the internet at specific times.
Appreciate any advice...


----------



## rodcarty (Mar 23, 2011)

I've tried to make various options like access control work in various D-Link routers, talked to their support people including second level support, etc. and it doesn't work. Some things, when enabled, work partially but break other things too. The 615 is one of the models I tested and it's hopeless. You might be able to get it to work with a Cisco WRV-210 but even that doesn't give you the ability to restrict access for only certain computers. Generally if you want this level of control you need to go to some higher end security product like a Cisco ISR 1900 router.

Hmm, and here I am posting this at 2:02 am..


----------



## sludge3000 (Oct 9, 2008)

Hello Vako,

Maybe that's so you don't stay up all night on the internet 

Anyway, I have one of these from my old house. Had a quick look and on mine I could do the following:
Access router as admin
Go to the 'Advanced' tab
Go to 'MAC filtering'
Select to deny access to the listed machines
Enter the MAC address then set the schedule for the appropriate time

Let me know if this helps.

EDIT: PS Don't forget to change the default admin password to prevent the kids resetting everything


----------



## Vako (Mar 23, 2011)

Thanks for the reply and instructions. However I don't see the same options on my D-Link. Perhaps you are using a different version? mine is DIR-615 model.
i.e.: when I go to Advanced, I don't see MAC filtering.


----------



## sludge3000 (Oct 9, 2008)

Mine is DIR-615. Running Firmware version 1.0 I believe. Check the other tabs but it should be there. Will double check and post a screenshot when I get home.


----------



## Soundy (Feb 17, 2006)

Depending on the exact hardware revision, the DIR-615 will support DD-WRT, a third-party firmware that gives a LOT more functionality, including advanced access control. 

FWIW, I could never get certain parts of the access control (specifically, restricting access to listed websites) to work on my older DIR-655 either.


----------



## rodcarty (Mar 23, 2011)

One word of caution when using third-party firmware: it is quite possible to "brick" the router by doing this. That is, you can make it non-functional and unrecoverable, ie., turn it into a brick. Be prepared for the possibility of having to replace the router if things don't go smoothly.


----------



## sludge3000 (Oct 9, 2008)

Please see screenshot attached. Dlink DIR-615 Firmware version 1.00VG. You may need to update the firmware to gain the functionality.

If that's not the case I'd complain to whoever provided the router.


----------



## Vako (Mar 23, 2011)

I think we have two different router versions my friend. Mine is DIR-615 ver. C1 with latest firmware 3.13NA (please see the attached image)

After 'playing' with it last night, I came-up with the following solution:
1. In the Tools tab, create a schedule of Internet access times (I called it evenings) remember it's 12hr time, i.e.: it shouldn't span midnight!!
2. In the Advanced tab, create an Access Control with a specific computer's MAC address, a block filter and the schedule that you created in step 1.
3. Enable that Access Control.

I still have to test it tonight...will let you know if it works or needs tweaking.


----------



## Soundy (Feb 17, 2006)

rodcarty said:


> One word of caution when using third-party firmware: it is quite possible to "brick" the router by doing this. That is, you can make it non-functional and unrecoverable, ie., turn it into a brick. Be prepared for the possibility of having to replace the router if things don't go smoothly.


This is true, but the risk is generally overstated. Some routers require more complex steps, but the DIR-615 is very straightforward to flash with DD-WRT. Make sure you have the right build for the specific hardware version of your router, follow the posted instructions, and there should be no issue.


----------



## Vako (Mar 23, 2011)

How can DD-WRT help in this case? the bad thing about it is the advertisements that they display to keep it free. I personally don't like any ads on my screen!
But interested to know how is it different than the MAC address blocking that the router has already.


----------



## Soundy (Feb 17, 2006)

Vako said:


> How can DD-WRT help in this case?


Well, the filtering is certainly a lot EASIER to set up than D-Link's (I have a DIR-655 and two DIR-615s, it's horribly convoluted in both models). And it WORKS. Access restrictions have been hit-and-miss for me with the D-Links, even with the latest official firmware.



> the bad thing about it is the advertisements that they display to keep it free. I personally don't like any ads on my screen!


Uh...?? I see no ads on my DD-WRT'd routers. There's a "Donate by PayPal" button at the bottom of the status page... other than that, no ads, banner or otherwise, on any of the config pages. Not that any of them would be visible to the users anyway, if there were any.



> But interested to know how is it different than the MAC address blocking that the router has already.


It does all the same TYPES of filtering - allow/deny clients based on MAC, IP, hostname... website and IP address blocking... all controllable by schedule. The difference is, it's all on one page, and it WORKS. My experience doing this with DIR-model D-Links, you have to go to one page and create your schedules, then to another to set up your policies... seems to me I was limited to doing MAC *or* IP filtering, but not both. And I could never get the site filtering to work (attempting to block specific URLs and IPs).

Beyond just the filtering, there's a lot more functionality and extra features.


----------



## Vako (Mar 23, 2011)

Soundy said:


> Uh...?? I see no ads on my DD-WRT'd routers. There's a "Donate by PayPal" button at the bottom of the status page... other than that, no ads, banner or otherwise, on any of the config pages. Not that any of them would be visible to the users anyway, if there were any.


On their website: http://dd-wrt.com/site/dd-wrt_privacy
they specify: _*"To keep the service free, advertisement will be unobtrusively displayed while you are surfing the Internet."

*_If it was reversible or an uninstall option available for DD-WRT, then I would give it a try, but being a firmware upgrade, it's kind of risky.


----------



## Soundy (Feb 17, 2006)

Dunno what to tell you... I've never noticed any ads through my DD-WRT routers that I haven't seen on any other router or public access point.

And yes, it is reversible - just reflash with the factory firmware.


----------



## Soundy (Feb 17, 2006)

Ah, I looked at your link: they're not talking about DD-WRT firmware, they're talking about "DD-WRT Privacy", which appears to be a separate proxy or VPN-type software product for Windows.


----------



## Vako (Mar 23, 2011)

Thanks for the info, I downloaded the right bin file from their site and tried to upload it to my router and it failed, stating that this is not the right firmware. I looked at the forum and Wiki and followed almost all directions without any results. I have to skip it this time and see if my solution will work only using D-Link's access control that is already setup.


----------

