Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Access restriction using mac address

    Firewalling
    2
    3
    3.6k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      meazz1
      last edited by

      I am trying to block a pc in my LAN using mac address.The rules need to contain so that I can allow the pc to access internet
      for certain hours of the day and specific days of the week.
      Only thing I find is to block by IP address.
      Can someone point me to the right direction?
      I am using pfsense 1.2.3 on a Alix board using CF module.

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        You cannot filter based on MAC address in that way.

        You could setup captive portal and restrict the LAN with a username/password login, or you could use static ARP in the DHCP settings so that only certain PCs can get out.

        Anyone can spoof a MAC address though, so it's not exactly an effective means of security unless you also have switches that can restrict a specific MAC to a specific port.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • M
          meazz1
          last edited by

          @jimp:

          You cannot filter based on MAC address in that way.

          You could setup captive portal and restrict the LAN with a username/password login, or you could use static ARP in the DHCP settings so that only certain PCs can get out.

          Anyone can spoof a MAC address though, so it's not exactly an effective means of security unless you also have switches that can restrict a specific MAC to a specific port.

          good advice. I will look into the ARP option.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.