Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Any way to disallow internet access to everyone EXCEPT specified MAC addresses?

    Scheduled Pinned Locked Moved Firewalling
    2 Posts 2 Posters 1.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      TC10284
      last edited by

      I am looking into PfSense and I am wondering if there is anyway I can disallow Internet access to everyone on the network, except specified MAC addresses. Is this possible either with the firewall, or the built-in proxy?

      OR, if this not possible, is there a way to disallow access to ALL IPs except specified IP addresses? We have a DHCP server running on Windows Server 2003, and can setup fixed DHCP leases per MAC addresses there. Anything that's not in that range of fixed leases won't be allowed to access the Internet by being blocked by the pfSense router.

      Thanks!

      1 Reply Last reply Reply Quote 0
      • ?
        Guest
        last edited by

        Blocking based on MAC addresses is not supported in 1.2.3 and is trivial to bypass so you're not actually adding security.  You can, of course, create firewall rules to block IP addresses, that's the point.  If you absolutely must only allow access based on MAC address, consider using the captive portal feature.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.