We'd love to hear about it! Click here to go to the product suggestion community
This is for incoming connections from out. Basically, we want to have only a list of MAC addresses to access the services on these ports and the rest cannot access these ports. Is this possible?
Yes, you can.
First create a deny all firewall rule,
then create a allow MAC hosts firewall rule above the deny one.
Apply the firewall rules, only the MAC host can allow and others will be block.
In reply to ShunzeLee:
Thank you for your response.
I tried exactly that. I created a MAC List in MAC Host. But it still blocks the devices. However, if I set it using allowed IP address then it works fine. It does not seem to filter by the MAC
In reply to David David1:
List your firewall rules, and MAC host.
Let us check what's wrong with your setting.
Here are the screenshots. I made a service group containing the 110,995,25,465,993,143 port numbers and named it mail.
This is the service
Sorry, I get wrong with your requirement.
You want to filter the incoming MAC from WAN.
But the source MAC was replaced after they pass through router.
So it is impossible to filter the incoming MAC from WAN.
I apology for misunderstanding...
The request from WAN will be replaced with the MAC address of your ISP router or any L3 device in your WAN. So if you block that MAC address ,no internet access .
In reply to Aditya Patel:
I see. Alright then, is there any other way I can restrict access to a set of devices only?
Since the source MAC was replaced with the routers, this should be impossible.
You may only restrict the access with IP address.