Any way to disallow internet access to everyone EXCEPT specified MAC addresses?

  • I am looking into PfSense and I am wondering if there is anyway I can disallow Internet access to everyone on the network, except specified MAC addresses. Is this possible either with the firewall, or the built-in proxy?

    OR, if this not possible, is there a way to disallow access to ALL IPs except specified IP addresses? We have a DHCP server running on Windows Server 2003, and can setup fixed DHCP leases per MAC addresses there. Anything that's not in that range of fixed leases won't be allowed to access the Internet by being blocked by the pfSense router.


  • Blocking based on MAC addresses is not supported in 1.2.3 and is trivial to bypass so you're not actually adding security.  You can, of course, create firewall rules to block IP addresses, that's the point.  If you absolutely must only allow access based on MAC address, consider using the captive portal feature.

Log in to reply