Restrict Network Traffic by MAC Address

Applies To: Cloud-managed Fireboxes

For a cloud-managed Firebox, you can configure an internal or guest network to restrict access by MAC address. When you enable this feature, the Firebox checks the MAC address of each computer or device that connects to the network. If the MAC address of that device is not on the MAC Access Control list for that network, the device cannot send traffic through the Firebox.

MAC Access Control is supported only on networks with one standalone interface. It is not supported for networks with wireless, bridged interfaces, or VLAN enabled.

To configure a network to restrict network traffic by MAC address, from WatchGuard Cloud:

  1. Select Configure > Devices.
  2. Select the cloud-managed Firebox.
  3. Click Device Configuration.
  4. Click the Networks tile.
    The Networks configuration page opens.
  5. Click the tile for the network to edit.
  6. In the network settings, click the Advanced tab.

Screen shot of the Advanced tab for an internal network

  1. In the MAC Access Control section, select the Restrict Access by MAC Address check box.

Screen shot of the MAC Access Control settings for a network

  1. To add a MAC address to allow on this network, click Add MAC Address.

Screen shot of the Add MAC Address dialog box

  1. In the MAC Address text box, type the MAC address.
  2. In the Name text box, type a name to identify this MAC address.
  3. Click Add.
  4. Repeat the previous four steps to add other MAC addresses to allow.
  5. To save configuration changes to the cloud, click Save.

Related Topics

About Firebox Networking Settings