Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Mac Filtering

    Off-Topic & Non-Support Discussion
    2
    4
    13871
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H
      heirkeyso last edited by

      Dear All,

      Is it possible in pfsense to allow or disallow to assign an IP Address for a specific mac address? I'm asking this because I don't what to connect or give an ip address to all mobile devices. My doing this I just need to know the mac address of the devices then tell the dhcp server if you see this mac address don't give it an ipadrress. If you are familiar with the callout, something like that I'm looking for or the mac filtering of the wireless router.

      Thank you in advance.

      1 Reply Last reply Reply Quote 0
      • P
        phil.davis last edited by

        In DHCP server you can use the MAC Address Control section to put in some MAC addresses to deny. That would really be if you want to put some manufacturer MAC prefixes to deny that manufacturer - might work for phones? but not really for general devices because they have so many different ethernet cards/devices. And it would be a bit difficult to put a long list in that field.
        You can check "Deny unknown clients" and then allocate static mapped IP address to each client you want to allow.
        I do something in-between - have a DHCP-pool that gives to whatever asks, but then I block those DHCP pool IP addresses from internet access. That way ordinary people connect their phone (using a WiFi password they got from someone) but quickly come to ICT complaining the internet does not work. Then we allocate them a static mapped IP (which we can then make use of in limiting their bandwidth…).
        And yes, many users nowadays can look at the IPs on the subnet and make an educated guess and assign their own static IP on their device, or can set the MAC address on their device to something different to get around whatever controls are put in place. So, ultimately, MAC address and IP address of a device on the LAN is only really a reliable guide to what the device/user is, if you have complete control over all the hardware.

        1 Reply Last reply Reply Quote 0
        • H
          heirkeyso last edited by

          I have an existing MS windows dhcp server. I also installed a third party application called callout dhcp, it capable is to declare the mac addresses that you want to allow or deny to give an ip address by dhcp server. I have also a ip address reservation, I used this for the executive management in order to give them a full access on the internet(using squidguard of pfsense).

          The ip address reservation can handle it by pfsense. How should I configure on pfsense the mac filtering or the capable of the callout that I installed on the ms windows dhcp server.

          Your help is greatly appreciated.

          Thank you.

          1 Reply Last reply Reply Quote 0
          • H
            heirkeyso last edited by

            Hi to all.

            Please give me an advise how to use the mac filtering of pfsense.

            Thank you in advance.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post

            Products

            • Platform Overview
            • TNSR
            • pfSense
            • Appliances

            Services

            • Training
            • Professional Services

            Support

            • Subscription Plans
            • Contact Support
            • Product Lifecycle
            • Documentation

            News

            • Media Coverage
            • Press
            • Events

            Resources

            • Blog
            • FAQ
            • Find a Partner
            • Resource Library
            • Security Information

            Company

            • About Us
            • Careers
            • Partners
            • Contact Us
            • Legal
            Our Mission

            We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

            Subscribe to our Newsletter

            Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

            © 2021 Rubicon Communications, LLC | Privacy Policy