Hello. I have a TPLink Archer C7 v4 with OpenWrt firmware 23.05.2.
I've set a MAC address filter to Allow Listed Only and it has been working fine. I was able to add a few devices with no issues. There have been no changes to the GUI for quite some time. Recently, I purchased a Meta Quest 3 and it can spoof the MAC address, similar to the iPhones.
I have set the Quest to use the original MAC address and added a static IP in the GUI like I have done in the past for other devices. The Quest connects successfully and I can see the assigned IP address. However, after a few minutes, the device would say connected, but unable to access the internet. Something to that effect. I have spent most of the day trying to figure out why it will not connect like the others. If I select the option to set a spoofed MAC address, the Quest connects and stays connected. I need to assign a fixed IP so I can control my child's playtime.
Can anyone point me to where I should be looking as to why it does not work using the original MAC? Thank you.
I have tried factory resetting the Quest and rebooting the router.
Update: Meta tech is no help. They say it is my router config and is out of their scope of support.
A modern OS really wants to use a random MAC in the interest of user privacy. You can reserve DHCP by hostname instead of MAC. Since users can spoof hostnames or MACs though, the only real way to firewall a user or group is with a separate network.
@brada4
It was not set up as security, but because my child had figured out how to change the iPhone setting to use a random IP for that phone. By only allowing a list of IPs, he will not be able to change the IP address.
Oh. I found the tab where to input the hostname. Seems to be working now. Got a fixed IP address, using a random MAC, and the DNS populated with my Pi-hole IP.
The next thing he will learn is spoofing the MAC address of one of your white-listed devices. MAC filters are no solution. Give him his own ESSID/PSK with all the filtering you desire and keep him off your primary ESSID, which isn't going to deter anyone with time, dedication and physical access to the router or one of your own devices either, but at least it's not as snakeoil'ish as a MAC filter (for which no physical access is even required).
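
Added example, not part of the thread or any poster's code: a small Python audit of a dnsmasq lease file (OpenWrt keeps it at `/tmp/dhcp.leases`) that marks randomized MACs by their locally administered bit and flags allowlisted MACs that report an unexpected hostname. The allowlist, hostnames and lease lines are constructed sample data.

```python
"""Audit dnsmasq leases against a MAC allowlist (added example)."""

# Constructed allowlist: MAC -> hostname the device normally reports.
ALLOWLIST = {
    "3c:22:fb:10:20:30": "kids-iphone",
    "b4:e6:2d:aa:bb:cc": "living-room-tv",
}

# Constructed sample in dnsmasq lease-file layout:
# <expiry> <mac> <ip> <hostname> <client-id>
SAMPLE_LEASES = """\
1718000000 3c:22:fb:10:20:30 192.168.1.20 kids-iphone 01:3c:22:fb:10:20:30
1718000100 da:a1:19:4b:7c:01 192.168.1.153 Quest-3 *
1718000200 b4:e6:2d:aa:bb:cc 192.168.1.30 kids-laptop 01:b4:e6:2d:aa:bb:cc
"""


def is_randomized(mac):
    """True when the locally administered bit (0x02 of octet 1) is set."""
    return bool(int(mac.split(":")[0], 16) & 0x02)


def audit(lease_text, allowlist):
    """Return (ip, mac, hostname, reason) for every lease worth a look."""
    findings = []
    for line in lease_text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue  # skip blank or non-IPv4-lease lines
        mac, ip, host = fields[1].lower(), fields[2], fields[3]
        if is_randomized(mac):
            # Private/random address: it will never match a burned-in entry.
            findings.append((ip, mac, host, "randomized"))
        elif mac not in allowlist:
            findings.append((ip, mac, host, "not-allowlisted"))
        elif host != "*" and host.lower() != allowlist[mac].lower():
            # Known MAC, unfamiliar name: possible clone of a listed device.
            findings.append((ip, mac, host, "hostname-mismatch"))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_LEASES, ALLOWLIST):
        print(*finding)
```

Both the MAC and the hostname are supplied by the client, so an empty result is not proof that every lease belongs to the listed device; it only surfaces the cases that are cheap to spot.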