Have you noticed that your internet has become slower than usual? Or do you suspect that your TP-Link Wi-Fi router Have strangers connected? In this article, we'll explore how to accurately determine the list of devices on your network—from official methods via the web interface to advanced tools for experienced users.
Manufacturer TP-Link offers several ways to monitor connections: through the admin panel, mobile application Tether, as well as using specialized software. We'll cover each option with step-by-step instructions. including hidden features of the new Archer AX/Deco firmware that allow you to block suspicious devices directly from the interface without rebooting the routerWe'll pay special attention to how to distinguish legitimate gadgets (smartphones, smart speakers, IoT devices) from potential "plants."
Important: If you find an unfamiliar device, don't rush to change your Wi-Fi password. First, check if it's part of your ecosystem (for example, it could be an update for Smart TV (or a game console, which is temporarily displayed under a strange name). At the end of the article is a checklist for actions to take if a hack has been detected.
1. Checking via the TP-Link web interface (universal method)
The most reliable way is to access your router's control panel. This works on all models, from older ones TL-WR740N to the flagship Archer AX11000All you need is a computer or smartphone connected to the router's network (via cable or Wi-Fi).
Instructions:
- Open your browser and type in the address bar
192.168.0.1or192.168.1.1(if the IP has changed, look at the sticker on the bottom of the router). - Enter your login and password (default -
admin/admin, if you haven't changed it). On newer models, you may need to create an account the first time you log in. - Go to the section
Wireless → Wireless StatisticsorDHCP → DHCP Clients List— the name depends on the firmware version.
In the table you will see:
- 📱 Device Name (Host Name) — can be displayed as a gadget model (for example, "iPhone-12-Pro") or a random set of characters.
- 🔢 MAC address — unique identifier (example:
00:1A:2B:3C:4D:5E). It can be used to determine the device manufacturer through special services. - 📶 IP address — a local address on your network (for example,
192.168.0.103). - ⏱️ Connection time — will help identify devices that appear at night or in your absence.
2. Using the Tether mobile app
Application TP-Link Tether (available for Android And iOS) simplifies router management from your smartphone. It displays a list of connected devices in real time and allows you to block them with a single tap—without logging into the web interface.
How to check:
- Download Tether from App Store or Google Play (official app from TP-Link Technologies Co., Ltd.).
- Register or sign in with your TP-Link account (if your router supports cloud management).
- Select your router from the list. On the main screen, tap the "Connected devices" icon (usually at the bottom of the screen).
Advantages of the method:
- 🔍 Traffic visualization: the app shows how much data each device consumes.
- 🚫 Quick blocking: you can disable a suspicious device directly from the list.
- 📊 Connection history: In some versions, statistics for the last 7 days are available.
⚠️ Attention: In the appendix Tether Not all devices may be displayed if they are connected via cable (Ethernet) or use a static IP. For a complete list, it's best to combine this method with checking via the web interface.
3. MAC Address Analysis: How to Identify a Device's Manufacturer
If you see an unfamiliar MAC address in the list of connected devices, you can "decode" it. The first six characters (the prefix) indicate the device's manufacturer. For example:
00:1A:79— Samsung Electronics3C:5A:B4— Google (devices Nest, Pixel)78:31:C1— Apple50:C7:BF— TP-Link (maybe it's a signal repeater)
How to check:
- Copy the MAC address from the list of connected devices.
- Enter it in the search bar MAC Vendor Lookup (for example, on the website macvendors.com or wireshark.org/tools/oui-lookup.html).
- Compare the manufacturer with your gadgets. For example, if the prefix indicates Xiaomi, but you don’t have devices of this brand, this is a reason to be wary.
| MAC prefix | Manufacturer | Typical devices |
|---|---|---|
B8:27:EB |
Raspberry Pi | Microcomputers, media centers |
00:0A:F7 |
LG Electronics | Televisions, smart refrigerators |
D8:BB:C1 |
Netgear | Routers, repeaters |
A4:83:E7 |
Amazon Technologies | Smart speakers Echo, cameras Ring |
Please note: some devices (especially Chinese IoT gadgets) can spoof MAC addresses or use random values to bypass restrictions. In this case, only a full network audit will help.
4. Advanced Methods: Scanning the Network with Programs
If the web interface and application Tether If these don't provide a complete picture, use third-party utilities. They scan the local network and display all active devices, including those hidden from the router's DHCP list.
Popular programs:
- 🖥️ Advanced IP Scanner (Windows) — a free utility with a simple interface. Shows IP, MAC address, manufacturer, and open ports.
- 📱 Fing (Android/iOS) — a mobile app for network scanning. Can detect device type (smartphone, printer, camera).
- 🐧 nmap (Linux/macOS) - A command-line tool for advanced users. Scanning command:
nmap -sn 192.168.0.0/24
Sample report Advanced IP Scanner:
192.168.0.1 TP-LINK TECHNOLOGIES Router
192.168.0.100 Apple iPhone (your_phone)
192.168.0.103 Unknown ? (suspicious device)
192.168.0.105 Samsung Electronics Smart TV
What should I do if the program shows "unknown device"?
This could be:
- A gadget with disabled multicast (for example, some IP cameras).
- A device using a VPN or proxy within your network.
- A hacked router, connected to through a backdoor (for example, through a vulnerability in the firmware).
In such cases, it is recommended to reset the router to factory settings and update the firmware.
5. How to distinguish your devices from others: practical tips
Even if the list of connected devices contains unfamiliar names, it doesn't always indicate a hack. Here's how to take inventory:
- Check all the gadgets in the house: smart light bulbs (Xiaomi Mi Home), fitness bracelets (Huawei Band), wireless headphones - they often connect to Wi-Fi automatically.
- Turn off Wi-Fi on all your devices: If there are any connected gadgets left in the list, they are 100% unrelated.
- Use the "MAC Binding" feature (in router settings): allow connections only for known addresses.
Typical "false positives":
- 💡 Smart sockets (TP-Link Tapo, Sonoff) - may be displayed as "ESP_XXXXXX".
- 🎮 Game consoles (PlayStation, Nintendo Switch) - are sometimes shown under technical names.
- 🖨️ Printers and MFPs (Canon, HP) - connect to the network for printing via Wi-Fi Direct.
Disable Wi-Fi on all your devices|Check the DHCP list in your router|Compare MAC addresses with the device documentation|Use a network scanner (e.g., Fing)|Enable notifications for new connections in Tether-->
6. What to do if you find someone else’s device?
If there really is a foreign device on your network, follow these steps:
- Block your device:
- In the web interface:
Wireless Mode → MAC Filtering(add someone else's MAC to the blacklist). - In the appendix Tether: Swipe the device to the left and select "Lock".
- In the web interface:
W7#kP9!mQ2@xY4). Do not use personal information (dates of birth, names).⚠️ Attention: If someone else's device reappears after changing the password, this is a sign that your router has been compromised (for example, through a firmware vulnerability or physical access to the button WPS). In this case, a full reset to factory settings and manual reconfiguration are required.
For maximum protection:
- 🔒 Turn it off
WPS(this is a vulnerable protocol). - 🔄 Enable automatic firmware updates (on newer models) TP-Link there is a function
Auto Firmware Upgrade). - 📡 Change the network name (
SSID) to a non-standard one - this will complicate the task for automated scanners.
7. Automatic monitoring: setting up notifications
To avoid manually checking the list of connected devices, set up automatic notifications about new gadgets on the network. This is available in:
- 📱 Application Tether:
Settings → Notifications → New devices. - 🖥️ Based on firmware OpenWRT/DD-WRT: via plugins like
NodogsplashorWiFiDog. - 🌐 Cloud services TP-Link Omada (for business routers): allows you to set up email notifications.
Example of notification from Tether:
[TP-Link Alert] A new device has joined your network:
- Name: "Android_abc123"
- MAC: 00:1A:2B:3C:4D:5E
- IP: 192.168.0.107
- Time: 14:30, 15.05.2026
For advanced users: you can customize the script to Raspberry Pi or a home server that will scan the network every 5 minutes and send a report to TelegramExample code on Python:
import subprocess
import telebot
bot = telebot.TeleBot("YOUR_TELEGRAM_BOT_TOKEN")
def scan_network():
result = subprocess.run(["nmap", "-sn", "192.168.0.0/24"], capture_output=True)
devices = result.stdout.decode().split("\n")
# Send a list of devices to Telegram
bot.send_message(chat_id="YOUR_CHAT_ID", text="\n".join(devices))
scan_network()
8. Common mistakes and how to avoid them
When checking connected devices, users often encounter false alarms or, conversely, miss real threats. Let's look at some common mistakes:
- 🔄 Ignoring your IoT devices: smart kettles (Redmond), robotic vacuum cleaners (Xiaomi Roborock) or weather stations often have non-obvious names online. Make a list of all the gadgets in your home in advance.
- 🔒 Password is too simple: Even if you have changed the password from the factory one, combinations like
12345678orqwertyhacked in seconds with brute-force. - 📡 No network separation: Guest traffic (friends, neighbors) should go through a separate network with limited access to local resources.
- 🔄 Firmware not updated: in older versions of router software TP-Link there were critical vulnerabilities (for example,
CVE-2021-41653), allowing remote code execution.
To avoid problems:
- Change your Wi-Fi password regularly (every 3 months).
- Use an encryption standard
WPA3(available on models Archer AX and newer). - Disable remote control of the router (
Remote Management) in the settings.
FAQ: Answers to Frequently Asked Questions
Is it possible to see what websites connected devices are visiting?
Yes, but you need to configure it for this traffic monitoring on the router or use third-party programs like Wireshark (for experienced users). In the standard firmware TP-Link This function is called Traffic Statistics or Parental ControlsPlease note: collecting such data may violate privacy laws in some countries.
Why do unknown gadgets appear and disappear from the list of connected devices?
This may be due to:
- Automatically connect your neighbors to your network (if they have saved the old password).
- Running smart devices in the background (e.g. firmware update) Smart TV).
- A "Wi-Fi Pineapple" attack, where an attacker impersonates your network.
It is recommended to enable the connection log in the router settings (System Tools → System Log) and analyze the time of appearance of unknown devices.
How do I permanently block a device so it can't connect even after resetting the router?
Use MAC address filtering in combination with network hiding (Hide SSID). Steps:
- Add the MAC address of someone else's device to the blacklist (
Wireless → Wireless MAC Filtering). - Turn off network name broadcasting (
Wireless → Hide SSID). - Turn on
AP Isolation(client isolation) so that devices do not see each other.
This will not provide a 100% guarantee, but it will make the task much more difficult for an attacker.
Can a TP-Link router notify you of new connections?
Yes, but only in new models with cloud management support (Archer AX10, Deco X60 and above). To do this:
- Install the application Tether and register a TP-Link account.
- Turn on notifications in the app settings.
- Activate the function
New Device Notification.
Older models will require third-party software (eg. GlassWire on PC).
What should I do if my router is hacked and I can't access the settings?
If the password for the admin panel has been changed, but there is physical access to the router:
- Press and hold the button
Reset(10-15 seconds) to reset the settings. - Connect to the router via cable and log in through
192.168.0.1with factory login/password (admin/admin). - Update your firmware to the latest version from the official website TP-Link.
If you don't have physical access to your router (for example, it's installed in an office), contact your ISP for a remote reset.