How to control and secure network access with client policy (MAC filter)?

Zyxel_Jami

Where to find: Site-wide > Clients > Client list

Function description: This function uses a MAC filter for the stations. We can add the station to the whitelisted called “Allow list”, which can bypass the Captive portal, add it to the “Block list”, which will be blocked from accessing the SSID, and "To specific SSID" allows to connect to a specific SSID.

These rules can be found in "Show policy clients".

Scenario: The customer's station MAC address is 34:DE:1A:11:11:AA. It is allowed to bypass the captive portal authentication.

Configuration:

1. The station has connected to the AP, so we can know the MAC address via the Client page.
   1. Go to Clients > Client list > Choose Access point clients. Choose the client and add a policy rule.
   2. The station can be searched via "Show policy clients", and we can see the details in the Policy.
2. The station is not connected to the AP, but we know the MAC address. So we can add the MAC address and assign a rule for it.
   1. Go to Clients > Client list. Click "Add client", and add the station details. Then click "OK".
   2. The client can be found in the Show policy clients.

Note.

1. Clients are not added to the policy client will get the policy as Normal.
   
2. Maximum block policy for wireless client is 512 entries per site. Site with over 512 wireless client policies after Nebula phase 12 launch can keep existing entries but cannot create additional policies until removing other wireless client entries.