How can I block a specific client from accessing WiFi network?

Zyxel_Nami

Situation:

Users may sometimes need to block a specific client from accessing their WiFi network. This could be due to security reasons, bandwidth management, or to prevent unauthorized access. The "Policy" feature on Nebula is beneficial as it allows network administrators to have better control over who can access their network.

Configuration Steps:

1. Go to Client > Client list > Choose Access point clients. Then select the client you want to block.
   
2. In the policy, select "Block list". If you want to unblock the client, select "Normal".
   

Test:

• On the same page, you can verify the action by checking if the 'Policy' shows "Blocked" for this client.

• Alternatively, you can check the event log at Monitor > Access points > choose Event log.

Policy Explanation:

• Allow list: Clients selected here will bypass captive portal authentication.
• Block list: Clients selected here cannot connect to the site. The method of blocking depends on the type of Nebula Device selected under the 'Client list'.
  • AP: The client is blocked by MAC address from connecting to any AP on the site.
  • Switch: The client is blocked by the MAC address from sending or receiving network traffic.
  • Gateway: The Security Appliance will not route traffic to the client’s IP address.
• To specific SSID: This allows for selective application of captive portal authentication to specific SSIDs on an AP.
• Normal: No policies are applied to clients selected here.