MAC Address filtering



  • Hi All,

    I am using the pfsense with squid & squidguard in my company to give the access internet in users mobiles through TP-Link wifi Access point.

    Now i want the Mac address filtering through pfsense for mobile users,

    Some one help me how i can configure the Mac address filtering in pfsense.

    Thanks,
    SJain



  • There is no "out of the box" MAC address filtering. The pf firewall is a layer 3 firewall. The best you can do with the default menus is to assign MAC addresses to specific IP addresses and filter via IP.

    That said… there are some hacks you can do to use the IPFW firewall (which is used for the captive portal) which will allow layer 2 rules. Many of them have been described in the forums.



  • I agree best case scenario is to use DHCP service of pfsense and assigning IP address through mac binding, works quite fine. Captive portal is too intrusive for mobile devices.



  • @exograpix:

    Captive portal is too intrusive for mobile devices.

    I've done a hack where I have turn on captive portal and then create ipfw firewall rules to skip (i.e. disable) the normal captive portal rules and add the rules that I want… There are some other threads where this is discussed. That said - it's not for those that aren't comfortable mucking around in what pfSense normally does.



  • there is sorta mac filtering but its a pain to manage ..  (see dhcp server –> static ARP)