G400 PoE security

MrMT1 · March 17, 2026, 1:05pm

I like to buy a G400 PoE doorbell.

Since I think it’s risky to run a Cat cable with full network access outside the house, I’d like to secure it. Are there options like VLAN or 802.1X or something else?

absent · March 17, 2026, 2:57pm

VLANs and 802.1X are something you set up on your network, not the device. You could configure 802.1X MAC based authentication on your network and on the switch port your G400 is connected to only allow connections with the G400’s MAC address.

MrMT1 · March 17, 2026, 4:28pm

Well 802.1x has MAC-bypass, but this is just for comfort and not safe. Normally you use EAP-TLS certificates or username/password EAP auth.

absent · March 17, 2026, 5:03pm

If you want PAP or EAP authentication, no it doesn’t. It’s a consumer grade product afterall.

cezary806 · March 17, 2026, 5:26pm

You can always brute force the security on this. Just glue the cable to the G400 with a strong adhesive and use the mortar to glue the cable to the wall. There is no way anyone would try to access your home network with this setup, or at least if anyone tried, they will obviously notify the neighbors.

Many crimes (like accessing the ethernet cable on the outside) are opportunistic crimes. And in the setup I suggested, there is practically no way to access the network without destroying the cable.

Btw you will get a notification when someone unplugs the device from the ethernet, so you will know if anyone accesses the network via the Ethernet cable

Aqara_PM_Donie · March 18, 2026, 7:50am

Hello new friend, welcome to the Aqara Forum

I agree with [cezary806]'s point of view, and I suggest threading the Ethernet cable through the middle hole of the bracket on the back of the doorbell, and then hiding the entire Ethernet cable in the wall (if you have the conditions to do it), so that only by forcibly removing the doorbell can it be connected to your LAN. it’s hard to imagine that criminals would destroy the devices at your doorstep just to connect to your local area network, which can easily leave traces, and the doorbell would also record everything before it happened.

In addition, binding ports and MAC addresses through PoE switches is the safest solution, but switches that support this operation are usually expensive and not affordable for all users. Therefore, my suggestion is that as long as the network cable is not exposed to any places where it can be discovered, the security is already quite high.