[NEBULA] How to control and secure network access with client policy (MAC filter)?

Zyxel_Joslyn Posts: 360
25 Answers First Comment Friend Collector Fourth Anniversary
 Zyxel Employee
edited September 2022 in Other Topics

Where to find: Access point > Monitor > Clients

Function description: This function is used to do MAC filter for the stations. We can add the station into whitelisted which can bypass Captive portal, add into Blocked which will be blocked to access the SSID, and allow to connect specific SSID. These rules can be found in "Show policy clients".

Scenario: The customer's station MAC address is 34:DE:1A:11:11:AA. It is allowed to bypass the captive portal authentication. 


1. The station has connected to the AP, so we can know the MAC address via Client page.

    a. Go to Access point > Monitor > Clients. Choose the client and add a policy rule.

    b. The station can be searched via "Show policy clients", and we can see the detail in the Policy.

2. The station is not connected to the AP, but we know the MAC address. So we can add the MAC address and assign a rule for it.

    a. Go to Access point > Monitor > Clients. Click the "Add client", and add the station details. Then click "OK".

    b. The client can be found in Show policy clients.


1. Clients are not added into the policy client will get the policy as Normal.

2. Maximum block policy for wireless client is 512 entries per site. Site with over 512 wireless client policies after Nebula phase 12 launch can keep existing entries but cannot create additional policies until removing other wireless client entries.