How to make Gateway forward only authorized (OTAA Joined) end device's data and block public traffic?

Hello everyone,

Our deployment is in urban area and there are plenty of LoRa devices in neighborhood. By default gateway forwards all received packages to cloud network server. Our backhaul connection is through 4G LTE and we would like to minimize the data usage by filtering unrecognized/unauthorized data packages.

Thank you,

The configuration for the Gateway Bridge supports filtering by both NetID and JoinEUI. Take a look at the docs.


If I may ask, will the filter feature on gateway-bridge tell the actual gateway not to forward those packets? Or it will just make the gateway-bridge filter them? Because in the latter case, those frames will consume 4G anyway.


Yes, that requires the Gateway Bridge being on the gateway, which is highly recommended. If you can’t do that, you’ll want to investigate with your gateway vendor.

We have gateway bridge implemented on Gateway itself so we should be fine. We will give it a try.

Thank you very much for the support.


Apologies, I didn’t read your question totally correctly. The Gateway Bridge will drop the packets, it doesn’t tell the packet forward to behave in any particular way.

The Issue with NetID is, you have to use something other than the “allowed” 00....0 or 11....1, that means having a registered network with the Lora Alliance. Don’t know if the JoinEUI has the same “issue”.

As written in the spec, yes. But not very enforceable. :wink: