Configuring MAC Filtering
MAC Filtering lets you manage a whitelist of MAC addresses that can access the LAN. All others are blocked. The list is global for all interfaces defined on physical LAN ports.
Note - There is separate MAC filtering on WiFi networks and on LAN ports, with DMZ and WAN excluded.
To enable MAC filtering:
-
Add a MAC address to the LAN MAC Filter whitelist.
-
Move the slider to ON.
After MAC filtering is enabled, you can disable the feature for specified networks.
To edit the LAN MAC Filter whitelist:
-
Go to Device > MAC Filtering > LAN MAC Filter.
-
To add a new MAC Address, click Add > New.
-
To select MAC addresses from the list of Active Devices, click Add > Select.
-
To edit a MAC address, select it from the list and click Edit.
-
To delete a MAC address, select it from the list and click Delete.
To disable MAC filtering for a specific interface:
-
Go to Device > Local Network.
-
Select a LAN interface and click Edit.
The Edit LAN window opens.
-
Click Advanced.
-
Select Disable MAC filtering.
To enable, clear this option.
-
Click Apply.
Note - MAC filtering is not exported on external interfaces and port bonding.
To configure logging for MAC filtering:
-
Go to Device > Advanced Settings.
-
Set the value of the MAC Filtering settings - Log blocked MAC addresses attribute to
-
Enabled - To enable logging
-
Disabled - To disable logging.
Note - This attribute is available only in Locally Managed mode. In Centrally Managed mode, configure logging with CLI.
-
-
Optional -
-
To reduce the number of logs, specify the value of the MAC Filtering settings - Log suspension attribute in seconds.
-
To show all logs, set the value to "0".
-
Note - Traffic dropped in the WiFi driver is not logged.