Back to Help and Support
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
1

Ask

2

Reply

3

Solution

SecureNet very simply bypassed on Broadband

runciblehat
2: Seeker
2: Seeker

‎16-10-2024 08:47 AM

Just moved to Vodafone with Ultra Hub and very happy with the service so far. The only issue I have is with parental controls using SecureNet. The service appears to work using DNS filtering but this is very easily bypassed by any child who can simply change their DNS servers on their device from the ultra hub (which is assigned by dhcp) to - say - Google on 8.8.8.8 and this then bypasses all the controls, rendering the service useless.

This can be fixed by adding a simple firewall rule to permit only dns traffic only to 192.168.1.1 (the hub) and block everything else. However, on the firewall page there is no options other than a toggle button to turn the firewall off (and who would do that !!!). Is there a way to add such a rule please?

0 Thanks
4 REPLIES 4

Cynric
16: Advanced member
16: Advanced member

‎16-10-2024 09:42 AM

@runciblehat Did you change the password to the router/hub so that only you can alter the settings?

0 Thanks

chistery
16: Advanced member
16: Advanced member

‎16-10-2024 02:08 PM

SecureNet is not worth paying for.  Most phones have some kind of parental controls built in. 

Vodafone just hope by not making it opt in, and not allowing users to remove it at point of sale, they forget and it's easy money.

0 Thanks

runciblehat
2: Seeker
2: Seeker

‎16-10-2024 04:35 PM

Well @chistery I'd hate to agree with you but when a service has such a basic flaw it's hard not too ☹️. They do seem to have spent a lot of time and effort on the product though, and having a single control point across mobile and home is a real bonus - but not if it doesn't work!  I've also now noticed that the service relies on MAC addresses to identify devices, but with modern MAC randomisation used by Apple and now in Windows 11, it's another simple way the service just gets bypassed. It makes me want to just cancel my service whilst in the cooling off period as I feel I've been mis-sold something. Would do better buying a basic wires only service and using my own router where I can build my own controls.

0 Thanks

drekbour
2: Seeker
2: Seeker

‎16-10-2024 10:48 PM

I'd love someone to answer your actual question here about the firewall config. On my previous provider's router, FW rules were set to deny TCP/UDP 53 except for the single pihole service. It made a big difference as a lot of apple/google devices bypass the configured DNS server if it isn't letting them track/advertise you.

Is there any way to do this with a powerhub?

0 Thanks