Menu

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Sign In Register

Access Rules with Mac Addresses

mjtmjt Newbie ✭
in Mid Range Firewalls

Is it possible to restrict access to a device behind the firewall to only external devices based on a MAC address (instead of a Public IP address.)

I have setup the rule but my initial testing did not work, so I wanted to confirm if this is even possible.

I created a WAN to LAN access rule where my SOURCE address was an Address Group with 4 MAC address objects.

Is this the correct way and is this even possible?

Category: Mid Range Firewalls
Reply

Answers

  • BWCBWC Cybersecurity Overlord ✭✭✭

    MAC addresses are Layer 2. You cannot block based on MAC address when coming from the WAN. You can do LAN to WAN as long the Firewall sees your MAC address, but not WAN to LAN.

    —Michael@BWC

  • ArkwrightArkwright Community Legend ✭✭✭✭✭

    Everything on the internet will have a source MAC address of your WAN router. So no, this is not a viable approach.

  • AjishlalAjishlal Community Legend ✭✭✭✭✭

    @mjt

    Please elaborate this purpose to us may be we can help some other way around .

    NB: WAN to LAN mac based policy not practical.

  • Firewalls_comFirewalls_com Newbie ✭

    You can only block/allow with a IPv4 or 6 address and these are you WAN IPs. If you are needing one device from another location to access internal, I would recommend setting that remote device as an IPV6, and creating an exception rule for the on site firewall. The remote firewall needs a rule to not NAT that IPv6 device.

Sign In or Register to comment.