How to configure MAC filter to block unwanted traffic
Zyxel Employee
The example shows administrators how to configure MAC filter to block unwanted traffic. In this example, Switch-1 will block traffic based on which device sends the packet or which device receives the packet.
Note:
All network IP addresses and subnet masks are used as examples in this article. Please replace them with your actual network IP addresses and subnet masks.
1. Configure Switch-1
Enter web GUI and go to Menu > Advanced Application > Filtering. Check the “Active” box and set the filter Name. Choose the Action as “Discard source”. Key in the MAC you want to block and the VID. Click “Add”.
Note:
Use Discard source to drop traffic sent by the device with the configured MAC entry.
Use Discard destination to drop traffic sent to the device with the configured MAC entry.
2. Test the Result
2-1. PC-1 (with MAC address 00:1E:33:27:04:93) fails to ping Server.
2-2. PC-2 can ping Server successfully.
3. What Could Go Wrong
The MAC address set on Switch-1 should be identical to the MAC address of PC-1 so that the traffic can be blocked successfully.
Categories
- All Categories
- 415 Beta Program
- 2.5K Nebula
- 152 Nebula Ideas
- 102 Nebula Status and Incidents
- 5.8K Security
- 305 USG FLEX H Series
- 283 Security Ideas
- 1.5K Switch
- 77 Switch Ideas
- 1.1K Wireless
- 42 Wireless Ideas
- 6.5K Consumer Product
- 255 Service & License
- 396 News and Release
- 85 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.7K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 87 About Community
- 77 Security Highlight