Is connecting a factory defaulted router a potential vulnerability?
-
Hi, I am admittedly a newbie, I have been running a home network on pfsense 2.4.4-RELEASE-p2 for a couple of weeks. I am pretty happy with it and learning. But today I brought the entire network down by plugging in a factory defaulted linksys E1500 wifi router. It took over the LAN 192.168.1.1 (my pfsense lan ip) and killed everything else, so I had to disconnect the E1500 and reboot pfsense. Is this normal? How do I prevent this in the future, when all I want is to add say an access point whith the default IP that happens to match my pfsense box?
Thanks,
-
Since you know it was an address conflict, just change the E1500 address.
-
I didn't know until it crashed the network.
-
Use a non common IP for you pfsense setup... I use .253 as pfsense IP vs the normal .1 or .254 for a /24
Nor do I use the typical 192.168.0 or 192.168.1 networks either
-
@johnpoz said in Is connecting a factory defaulted router a potential vulnerability?:
Use a non common IP for you pfsense setup.
Or better yet, fire it up on it's own and see how it's configured. He'll have to configure it anyway, before placing it on an existing network.
-
^
Also very valid option/point -
For connecting new devices I have separated two ports on my switch into a single dedicated VLAN. So I connect the new devices to one of these ports and patch the Ethernet connection of one PC to the other port, this way they are in their own L2 and can't impact the network.
Another solution is to use a Laptop and connect a new device there first for setup purposes. Just don't connect a device with unknown/conflicting settings to your production network.