Locking down access/internet access using mac address control

Question

Hi there. 
 Relatively new to Sophos UTM but I have noticed a mac address list in one of the options. 
 What I am looking to try is locking down the ability to browse the network devices/surf the internet using a mac address list. 
 Is this possible??? 
 My current setup is a hp microserver gen8 with 8gb ram running Sophos UTM, another microserver running hyperv/AD/DNS. 
 I have 2 unifi AC Pro access points at my own house and another at my partners house with a vpn tunnel and a draytek 2830 at the other end. 
 The other end currently use the DNS put out by the Sophos in order to resolve the AD server and login. 
 
 Thanks.

sachingurung · Accepted Answer

Hi Andrew, 
 Refer this KBA . Hope that helps. 
 Thanks

BAlfson · Answer

Hi, Andrew, and welcome to the UTM Community! 
 As Sachin said, the answer to your question is "no." However, you can achieve the result you want in a different way... 
 In the 'Advanced' section of your DHCP Server definition, select ' Clients with static mappings only ' and then create a Static Assignment for each of the devices that should be allowed to have an IP address. Remove "Internal (Network)" from 'Allowed Networks' in 'Web Filtering' and add these IP addresses. In 'Firewall', create a firewall rule blocking 'Internal (Network) -> Web Surfing -> Internet'. Refer to #2 in Rulz to understand why this won't block traffic handled by the Web Filtering Proxy. 
 Is that what you were trying to accomplish? 
 Cheers - Bob