Preventing the ISP from detecting my Wi-Fi router

networking wireless-networking router internet wireless-router
7,124

To sketch your old situation:

Rooftop                                           Single win7 PC
with wireless --------- network cable ----------- with a fixed IP.


Desired situation:

Rooftop                                           TL-WR740N router
with wireless --------- network cable ----------- with the fixed IP 
                                                     |  |  |   )
                                                     |  |  |   )
                                              Win 7 PC  |  |   )
                                                        |  |   )
                                 Possibly other computers      Wireless

                                 Possibly other computers


  1. The wireless setup on the rooftop is configured to work with a single predictable IP on the other end of the cable.
  2. The new device on the other end of the cable it your new router.

This means that you want to configure your TL-WR740N router to use the fixed IP.


So much for setting up the basic configuration. Next is the detectable part. If your ISP does nothing strange then they will not notice anything weird and things should just work without ringing any alarm bells. If the wireless setup on the roof is a bit more complex and they can log in on it then this changes.

  • If they only take a quick look at the network then everything will seem to be the same.
  • If they take a more thourough look then they might notice that the device at the other end changed its MAC. This could be because you got a new PC (e.g. to a new windows PC or to anything else). If you configure the WLAN port of your TL-W740N to match the old MAC then this will not show up. *1
  • If they do a thourough scan which usually identified the hardware at the other side (e.g. using nmap then they will detect that your device suddenly has changed its OS to a router specific firmware.

The only realistic way to prevent this is by using a windows 7 PC in between. That should simply work, but it seems overkill to me.

Always safe situation:

Rooftop                       win7 PC the           TL-WR740N router
with  ----- network cable --- fixed IP and  ------- connected to the win7 PC
network                       two networks            |  |  |   )
                                                      |  |  |   )
                                        2nd win 7 PC /   |      )
                                                         /      )
                                 Possibly other computers      Wireless

In this case you will need:

  • Extra hardware in the form of a second PC running win7 (could be old hardware, but you want to have two network cards in it).
  • Set on NIC to the fixed IP and fake its MAC.
  • Configure a difference LAN on the other NIC and set up routing.

  • Connect the second LAN to the TL-WR740. This device and all behind it are invisible to your ISP.

  • Note that this uses the same MAC on two different networks, so this should not cause a conflict.

  • also note that you probably want to run a DHCP server. Either on the TK-WRT740N or on the win7 PC.
  • Setup will be simpler if you connect the second NIC from the first win7 PC to the LAN ports of the router (not to the WAN port).

*1: Note that this will kick your windows 7 off the network. a MAC is guaranteed to be unique. If you violate that and suddenly you got two 'identical' devices on the net, one the TL router, one the win7 PC then the network will get confused.

To fix that you will also need to change the MAC on the windows 7 PC, and pray noone else will use the same MAC. If you choose randomly and a visiting friends laptop just happens to have the value you choose then things will not work.

Share:
7,124

Related videos on Youtube

Rahul
Author by

Rahul

Updated on September 18, 2022

Comments

  • Rahul
    Rahul over 1 year

    Recently, I am facing an annoying issue regarding my Cable Network Internet connection. It is wireless. The Wireless Card is installed on the rooftop of my house and a Cat-5 Cable is directly connected to my PC LAN Port using RJ-45 connector. The internet works fine on my desktop PC by direct wired connection from the wireless card.

    But recently, I decided to buy a Wi-Fi Router and thats why I bought TP-Link TL-WR740N router so that I can access internet on my Laptop and Android Tab using the Wi-fi.

    How do I configure the router so that my ISP cannot detect the TP-Link Router ever in the future by any means? I heard that cloning the MAC Address of my PC to the router can work. But I am asking the best configuration steps so that my ISP cannot detect that I am using a router or not.

    By the way my ISP has given me a static IP Address (i.e. in Windows 7 TCP/IP Configuration Properties, IPv4 Address/Subnet Mask/Default Gateway/DNS Server addresses are given and I can see them anytime by opening the TCP/IP properties and the technician told me to do not set them to obtain those details automatically. What I know about this, the DHCP is disabled actually. Is it actually static IP or what?) And also the default Gateway Address is used for User Login Page where I can see my package details, Usage details etc etc.

    Please help me by giving the best solution. I will be very grateful to you. Thanks in advance.

    • Thalys
      Thalys over 10 years
      "Cable Network Internet which is wireless" Cable internet is usually docsis - which is never wireless. You also don't generally install wireless cards on roofs - they're inside systems or hanging off a USB port. This is... quite an unusual setup, and more details would be nice. I'm somewhat familiar with the very ad hoc way that local cable in india runs - so I'm guessing this might be your ISP sharing a single connection with many people, through less common methods. What's your 'Wireless Card'? and what's your IP address? This might help determine what this really is.
    • Rik
      Rik over 10 years
      Also... the first question is: will your ISP really block you if you connect a router? You can set your ip-details in the router at the WAN-side and just connect multiple devices to find out. If they are really trying to block a router it is probably by the TTL (that's decreased every time a signals goes over a hub/switch/router) and you would need the ability in the router to reset it to a set value..
    • Rahul
      Rahul over 10 years
      @Journeyman Geek, MY Internet connection ISP company is PMPL. They installed a Microtik RouterBoard 5.25 device on the roof top and they configure the Microtik Router Board using Winbox application. So, I cannot access the Configuration page of that Microtik RouterBoard device which is installed on the roof top. My IPv4 address starts with 112.112.10.* and default gateway is 112.112.10.1 which is used to access user login page. Please provide the best solution. Thanks.
    • Rahul
      Rahul over 10 years
      @Rik, ISP didn't block yet. I disconnected the router. I configured the router as first I connected my router to my PC using one LAN port and then I opened the configuration page of the router and first I changed the LAN IP address (which is used to login to the router config page). Then I disabled DHCP on the router. then finally I connected the main cable coming from Rooftop Wireless Card to another LAN Port of the router and then I switched on the Wireless card installed on the roof top. I was able to access internet over a week.
    • Rahul
      Rahul over 10 years
      @Rik.. but suddenly one day, a technician called me and asked me that if I changed my IP Address or not? I said No. Then he told me that their system is showing a IP address which is not actually they gave to me. That was the LAN IP of the router which I changed first time during the configuration of the Router which I changed during the first configuration of the router. please tell me, is there anything wrong steps which I did?
  • ganesh
    ganesh over 10 years
    Any idea's beyond 'do not do it' or 'if you do reset the time to live and encrypt anything to prevent deep packet inspection'?
  • Rik
    Rik over 10 years
    I answered a similar question a while back here. My first sugestion would be to check if the ISP really checks for a router and blocks the connection by just using the router and setting static ip if there is no need to login via a web page. If there is a need for a login page you could go for the extra win7 machine in between or a raspberry pi (or other linux-like machine) with a script to post to the login page. (1/2)
  • Rik
    Rik over 10 years
    (2/2) If the ISP really blocks the connection you'll need a router which can reset the TTL (like the DD-WRT) or use a Linux machine with iptables where you can reset it (as seen in my answer). If the ISP uses more advanced techniques like described here the only option i could come up with is setting up a proxy-server and using it. But as i said... before doing all that make sure the ISP is really blocking actively when a router is detected and i didn't see that in the question.
  • ganesh
    ganesh over 10 years
    1) I love the idea of DD-WRT or a rPI, but I went for a second win7 box to prevent OS finger printing showing another OS. 2) A good idea to suggest a low power using box like the RPi though. 3) Does a rPi have sufficiently fast networking? I know it is USB based and rather slow, but as long as it is faster then the ISP provides I guess this is not a problem. 3) If I could do +1 +1 +1 ... for the "make sure it is really needed before you ...." then I would hit that button several times.
  • Rahul
    Rahul over 10 years
    @Rik, they didn't block yet but suddenly one day, a technician called me and asked me that if I changed my IP Address or not? I said No. Then he told me that their system is showing a IP address which is not actually they gave to me. That was the LAN IP of the router which I changed first time during the configuration of the Router. I connected the router to the PC using One LAN port and connected the cable coming from the wireless card to another LAN port of the Router. I think the problem is in configuration. Should I clone the MAC and connect the main cable to the WAN port?
  • Rik
    Rik over 10 years
    @Hennes 1) Even if you use Win7 to NAT traffic, the OS fingerprinting would still be there on the WAN side. (only way to avoid that would be to completely rewriting the packets). 3) In the question i answered a rPi was used with a wireless usb-stick to receive the building internet and the Ethernet-connection was used to connect to a router (which needed to be completely hidden or else the connection was blocked). The rPi (model B) has a 100Mbps Ethernet-card and USB2.0 port so the USB2.0 would be the slowest but sufficient for many ISP-speeds. 4) Seeing the last comment hiding is not needed.
  • Rik
    Rik over 10 years
    @Rahul Oops, yeah... in that case i don't think your ISP would mind a router then... (They do mind if you clutter their network with external ips)... You need to use the WAN-port of the router to connect the wireless rooftop device. Set the external ip (and gateway and DNS) of the router (static) to what was given to you (or what was in your PC) like in the first situation in this answer. Set the routers DHCP to on and every device connected to it will get a new ip address on a different range than your external ip. (also set that original computer to use DHCP to get a new ip).
  • Rik
    Rik over 10 years
    @Rahul I connected the router to the PC using One LAN port That's correct. connected the cable coming from the wireless card to another LAN port of the Router. That's where you went wrong and the ISP could see a second IP on their network. Just use the WAN-port to connect to the wireless and the problem goes away. I don't think they even care about MAC-addresses. Just make sure to set the external ip, dns and gateway of the router to the numbers you've got and connect only you own devices to a LAN-port setting them to DHCP to get a new ip from the router.
  • Rahul
    Rahul over 10 years
    @Rik, thanks a lot. then I'll clone the mac first and then in WAN-section I'll put the IPv4 address,Subnet Mask,Default Gateway,Dns values which are provided by my ISP.Those values I can see into PC TCP/IP Properties.Then in router I should enable the DHCP and then in PC, I should change the the TCP/IP Properties value to obtain automatically.Am I right?Please confirm me that after doing these steps, my ISP cannot detect my Router anymore.As I dont want they can detect I am using Router.Maybe then they will block me to access internet.Thats why I am worried that if they can detect the router.
  • Rik
    Rik over 10 years
    @Rahul You are right about the steps. However, the ISP will still be able to detect the router if they are really checking for that. I don't think they really do (they only mentioned it to you because they saw a double/second IP address). If you really want to hide the router it would involve a lot more like a second (Limux) machine which would rewrite all traffic before pushing it out on the external connection. (this requires some very advanced tweaking and only necessary if they really block you) (1/2)
  • Rik
    Rik over 10 years
    @Rahul (2/2) For now, i wouldn't care so much about it. If they are really checking for a router they will not block you indefinitely (just for an hour or 2) and you can remedy the situation. In that case just go back to the old situation and make a new question specifically specifying the ISP is blocking you with a router. It's not in their interesting to completely block you forever (they'll loose a customer). It's more likely (if you only take that one IP-address) they just don't care if you have a router behind it. Unless they already said something to you about not allowing a router.
  • Rik
    Rik over 10 years
    @Rahul There is another potential problem though. Do you need to login each time you use the internet?? If so... after setting this up (with a router) it could be you can't reach your login-page anymore. In that case you would need to use a separate Windows/Linux machine (with 2 network cards) like Hennes's answer, on which you need to login (a real drag to do each day, if the time-out is a day). For now... Just connect everything like we discussed above and let us know if it works.
  • Rahul
    Rahul over 10 years
    @Rik, thank you very much for your all swift replies. You really helped me not to worry about these. You are right, here I am using the router for my own devices not for others so why should they ask or block my router? May be for the wrong configuration there an IP conflict was occured. Thats why they asked me if I changed the IP or not. I hope this time after right configuration they will not mind anymore. Thanks once again for quick replies and support from you. Take care.
  • Rahul
    Rahul over 10 years
    @Rik, one more thing I want to know. Just I am curious to know about the cause. That is, sometime when I start my PC and then after connected to the internet, when I open browser then any web page shows "page load error". Then if I access the Default Gateway address i.e. the user login page and just do sign in using the username and password then my Internet goes fine and then I can access internet. Can you explain about it? Just curiosity.. :)
  • Rik
    Rik over 10 years
    @Rahul Is this once a day? It could be they force you to login once a day. In that case a router might have trouble connecting (because it can't do a login via that page). If after setting this up you can't reach the gateway-page you might need to put a computer between the router and wireless (with 2 network cards) and you would need to login once a day manually (or write a script to do it for you). Let us know if this setup works (and still works after 1 day). If it stops working after 1 day you'll need a solution for the login-screen.
  • Rik
    Rik over 10 years
    @Rahul BTW. If you do need a separate Windows machine (for the login-page) this doesn't have to be a complete other system (like in this answer). You could use your current Windows machine (you'll have to put in a second network card though, but this is much cheaper than a new system) and use that to connect your router.
  • Rahul
    Rahul over 10 years
    @Rik, it occurs not only once in a day, but everytime I shutdown my PC and after sometime when I open my PC again then for the first time after connecting to the internet, I have to access the login page using the default gateway address. Then until I shutdown my PC, there is no need to access the login page again, everything goes fine. It happens in direct connection. Actually I am using direct connection now, not through the router. I'll configure the router after my dinner and I'll confirm you if it occurs any problem through router also or not.
  • Rahul
    Rahul over 10 years
    @Rik, so you are suggesting to install another NIC in this PC and connect the router through the new NIC? Then after new NIC installation, how would I configure the router to the new NIC? I'll connect the main cable coming from wireless card to the PC LAN Port and the Router should be connected to the New NIC LAN Port? Please explain the network Configuration as the steps you provided, I dont know anything about that.
  • Rik
    Rik over 10 years
    @Rahul If needed yes... The setup is quite easy in Windows 7. Your Windows 7 (and second NIC) will have a small DHCP-services running on it (no need for extra installs, this is standard in Windows 7 if sharing a connection). You'll share the internet connection from NIC1 (connected to the wireless via a cable) with NIC2 connected to the router. In that case you could connect the NIC2 with a LAN-port of the router and you can disable DHCP on it, and set the router static ip in a range of the NIC2 (e.g. 192.168.1.3). (1/2)
  • Rik
    Rik over 10 years
    @Rahul (2/2) You could also use the NIC2->WAN-port router and leave DHCP enabled. Router external ip could be set as obtain from DHCP (from NIC2). In that case the devices connected to the router can't reach the Windows 7 computer (Win7 is only used for forwarding traffic). But that might not be a problem for you if internet is all that's needed.
  • Rahul
    Rahul over 10 years
    @Rik.. thanks a lot. I'll then buy a NIC and install it to this PC and then I'll configure the router through the 2nd NIC as you told. Thanks once again for all the helpful replies. :) take care.
  • Rik
    Rik over 10 years
    @Rahul Ok, as a final note... (but unfortunately unavoidable with a login-page system like yours) your Windows 7 machine needs to be on when using the router. But because you'll have to go to the login-page (on that machine) anyway when your connection dies (maybe as a result of a time-out) that's not a problem. You could even run a script regularly to make sure the connection is maintained. But you need to figure out way and when the login is required. If it's only once at startup it's not a problem (leave the machine on). If it's once a day make a script for it. Good luck with the setup.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Using D-Link 2750U WIFI Router for WIFI
Only one wireless connection allowed Internet
Is it possible to merge two internet connections by using two modems and connecting them to a single router?
Will my internet speed decrease if I connect two routers together?
Slow Download - fast upload on cable and wifi
Why do my speeds fluctuate from decent to unusable while on wireless?
ASUS router EA-N66R has different subnet mask than laptop
Laptop won't work with WPA encryption
4G Wifi Router vs 4G USB dongle
Configuring a Wired Access Point - Linksys WRT54G