Trying to Setup Rogue Network for Use with Phillips Hue Lights in Dorm

Hubes · Sep 23, 2017

Hi all,

I'm currently a student at The Ohio State University, and I have a problem with my Hue lights. Basically, the standard campus WiFi does not allow device-to-device communication. With 40,000 connections, this makes sense. However, this means that using any computer or phone to connect and change the Phillips Hue lights does not work. We have tried calling the campus IT desk to whitelist the MAC addresses of the lights and our phones (i.e. allow them to communicate by manually allowing device-to-device communication amongst those MAC addresses), but they refused. So, naturally, we bought a $20 mini router (GL-MT300N-V2) to set-up as a bridge between campus internet and our devices, which would essentially set-up a "new network" (different SSID and different connection point; same internet) that we could connect our phones and lights to.

As far as networking settings goes, how would you guys go about doing this? We turned on bridge mode on the networking webpage, which configures the router to not DHCP lease, but this hasn't worked. As soon as we set it up, the connection just fails, and the router's networking page does not even load. We're stuck. Can somebody try to point us in the right direction?

Thank you!

EDIT: The only internet connection available here, with or without an additional router, is the campus internet. I'm unable to setup a modem and route an additional internet network into the dorm.

vrumor · Sep 23, 2017

No one here can or will help you bypass your schools network. If they wanted you to use it, theyd let you.

Hubes · Sep 23, 2017

vrumor :

Nobody is "bypassing" anything. I'm setting up a connection point which will allow device-to-device communication between devices on the network. I called my IT department and they were fine with me setting up a router so long as it didn't DHCP lease.

55,000 students go here. 10,000 faculty work here. Not allowing d2d communication on a network serving that many people is common sense.

USAFRet · Sep 23, 2017

"We have tried calling the campus IT desk to whitelist the MAC addresses of the lights and our phones (i.e. allow them to communicate by manually allowing device-to-device communication amongst those MAC addresses), but they refused. "

You have your answer.

Hubes · Sep 23, 2017

USAFRet :

I called my IT department and they were fine with me setting up a router so long as it didn't DHCP lease.

???

USAFRet · Sep 23, 2017

Hubes :

"Basically, the standard campus WiFi does not allow device-to-device communication."

So then your little subsystem needs to be its own network, completely disconnected from the campus network.
What problems are you having setting this up?

SkyNetRising · Sep 23, 2017

DHCP lease is the key there. Without it, you need to configure IP settings for each connected device manually.
1. Your router doesn't have to be connected to school network.
2. Set DHCP on and connect HUE lights control device to your router.
3. Connect your phone via wireless to the router and control your lights.

Solandri · Sep 23, 2017

Set your mini-router up as an independent router. That is, nothing plugged into its WAN port. It will have no Internet but will provide a WiFi hotspot. Attach your Hue lights to this network.

Continue to use your school's network with your computers and phones as before. When you want to tweak your lights, you'll have to switch your phone from the school's WiFi network to your mini-router. Then you can control the Hue lights.

If you want to be really fancy, you could use the VPN functionality on your mini-router (if it has one) to connect to an external network, then use your phone's VPN capability to connect to that same network, and control the lights that way. But frankly that's probably more trouble than just temporarily switching which WiFi network your phone is connected to.

Hubes :

If your router is not doing DHCP, then you're relying on your school network's DHCP server. And you've already said they won't allow device-to-device communications, so it won't work. Basically your school is OK with you using the router as a switch. That doesn't help you.

Hubes · Sep 23, 2017

USAFRet :

Unless I'm out of my mind, I would imagine the reason they don't allow d2d communication by default (and also the reason why they don't allow MAC whitelisting) is due to the fact that we have almost 60,000 people connecting on a daily basis. Even if 10% of the campus called for MAC whitelisting, that's 6,000 tickets.

When I configure the router, after setting it to bridge mode, I don't receive a wireless connection to the router, and my wired connection yields errors at each webpage I try to visit. The errors report that I am not returning a secure connection. I believe the problem is that I'm attempting to set the router as a WISP repeater instead of a WDS repeater. I'm extremely ignorant when it comes to networking, but from the basic research I've done, WDS allows for the router to pass 100% of the information from the root connection (in this case, the campus WiFi), while WISP transmits the signal only, but not enough information to connect to a network that is otherwise encrypted (needing student login information). When I try to set the repeated to WDS, it asks me for a LAN IPv4 address. Like I said before, I'm extremely ignorant when it comes to networking. Does this just mean I need to reserve an IP address(es) for use by my router? And if so, does this mean I need to somehow reserve IP addresses from my campus network.

Thank you,
Johnathan

USAFRet · Sep 24, 2017

Yes. They cannot and will not help you, and the other 60,000 people, to configure something not directly related to the school network.

You can set up a completely disconnected router, on its own little network, doings its own DHCP.
Connect to it via your phone or whatever, and control your lights.

However...when you wish to use your phone or PC to connect to the outside world, then you have to disconnect from your router that controls the lights, and connect to the school network.
Can't do both at the same time.

Hubes · Sep 24, 2017

Solandri :

I've read that if DHCP leasing is on, my entire dorm's network could go offline. I need my phone and my Hue bridge (it's a little white box that acts as a home device to all lights on the network to communicate with another device externally) to be connected to the same internet. Will connecting my dorm's internet to my router via LAN whilst DHCP leasing is on carry a risk of destroying my dorm's network?

Hubes · Sep 24, 2017

USAFRet :

I'd then need a modem with a different internet connection, correct?

USAFRet · Sep 24, 2017

Hubes :

Absolutely yes.
Your dorm DHCP server is serving up IP addresses.
Your personal router is also serving up IP addresses.

If they try to give the same IP address to different devices (and they will), on the same dorm LAN....someone is going to be unhappy.

It's like 2 houses, in the same city, with the same exact address. Whose mail goes to which house? "Oh, I didn't get my electric bill. It went to the wrong house."

USAFRet · Sep 24, 2017

Hubes :

Which you probably cannot get in the dorm building.

Hubes · Sep 24, 2017

USAFRet :

$80,000 in student debt and can't set up my own lights. Tragic. Thank you for your help and thank you for your service.

USAFRet · Sep 24, 2017

Hubes :

Sorry I couldn't be more help.
But if those lights require conversation with the outside world, and your school IT dept won't allow it.... ¯\_(ツ)_/¯

Hubes · Sep 24, 2017

USAFRet :

The only reason I keep messing around with it is because the IT dept. DID say that eight Hue bridge MAC addresses (they all start with 17:00:88 or something like that) have been registered on the network, so there is a way! I just need to figure it out. Hopefully I'll update this thread sometime down the road with an answer!

USAFRet · Sep 24, 2017

Hubes :

Then you need to talk to the right IT guy.

There are two people in that sort of job.
Those that say "No", and those that will say "Yes"

The ones who say No are far more abundant. It is much easier to say "No, go away", than it is to say "Yes, let's work through the issue".

Solandri · Sep 24, 2017

The reason they don't allow device-to-device communications is that students could use that to hack other student's computers. (Actually anyone knowledgeable about networking could still do it, but the method they're using to block it is good for stopping the 99% of would-be script kiddies who don't really know how any of this stuff works and just want to create mischief with little to no effort.)

IT knows your Hue devices are connected to the network because they're not subject to this D2D restriction. Their servers need to be able to talk to every device to properly manage the network.

Hubes :

That's the million dollar question. I seriously doubt the Hue lights actually need an Internet connection. If they did, then you would lose control of your lights any time the Internet went down, or if these were installed off the grid (like on a boat).

More than likely, the lights simply need an IP network to function. That's what your router creates on the LAN side, regardless of whether the WAN port is plugged into the Internet or to another network or to nothing.

Ralston18 · Sep 24, 2017

$80,000 of student debt and you are spending money on Hue lights etc.?

And in a dorm with all the possible problems of breakage, theft, etc..

Not a criticism - just wondering.....?

Trying to Setup Rogue Network for Use with Phillips Hue Lights in Dorm

Honorable

Judicious

Honorable

Titan

Honorable

Titan

Titan

Illustrious

Honorable

Titan

Honorable

Honorable

Titan

Titan

Honorable

Titan

Honorable

Titan

Illustrious

Titan

Share this page