put the device on a secure vlan that has no wlan access
Homelab
Rules
- Be Civil.
- Post about your homelab, discussion of your homelab, questions you may have, or general discussion about transition your skill from the homelab to the workplace.
- No memes or potato images.
- We love detailed homelab builds, especially network diagrams!
- Report any posts that you feel should be brought to our attention.
- Please no shitposting or blogspam.
- No Referral Linking.
- Keep piracy discussion off of this community
Depending on your router, you should be able to simply block all outbound connections for the IP address the printer is assigned. Usually under firewall settings somewhere.
If you're viewing all that from your PiHole, you should be able to blacklist the domain straight from that interface.
use the pihole, block the domains it's reaching out to
If you are seeing it in PiHole, you can just block it in PiHole, that is part of the purpose behind it. Find it in the list and select block.
This might work for some devices but it won't work for devices that phone home using IP instead of a domain.
Very few services would set themselves up this way. Putting IPs into device firmware/software limit the ability for the companies to change without rolling out updates and tracking adoption, etc.
I’d be curious to know if any common or popular devices are known to use IPs to phone home.
Agreed.
Also, if you are running PiHole, HOPEFULLY you are also running a firewall. You should be able to easily block the IP address and / or domain at that level as well.
Of course the other option, as others have mentioned, is to get rid of the default gateway so it can't access the Internet to begin with.
MS Windows uses IP addresses for some things, last I checked.
Consumer thing: if you are running a fritzbox router: there is a checkmark in the network tab for the device to block internet access for it.
this also works for Asus routers
Give it 127.0.0.1 as its default gateway or block it at your router.
Some more details may help here.
What printer is it and what’s it reaching out for?
As said, setting up static ip and removing the gateway will usually be enough. Vlans are the better option but steeper learning. I’d be interested to find out what it’s doing though. Knowing what you’re working with may help others advise you more specifically.
If it’s checking to find time or for updates then it’s probably harmless. Do you need internet to enable any features like remote send or monitoring and the like?