How to configure MAC filter to block unwanted traffic
Zyxel Employee
The example shows administrators how to configure MAC filter to block unwanted traffic. In this example, Switch-1 will block traffic based on which device sends the packet or which device receives the packet.
Note:
All network IP addresses and subnet masks are used as examples in this article. Please replace them with your actual network IP addresses and subnet masks.
1. Configure Switch-1
Enter web GUI and go to Menu > Advanced Application > Filtering. Check the “Active” box and set the filter Name. Choose the Action as “Discard source”. Key in the MAC you want to block and the VID. Click “Add”.
Note:
Use Discard source to drop traffic sent by the device with the configured MAC entry.
Use Discard destination to drop traffic sent to the device with the configured MAC entry.
2. Test the Result
2-1. PC-1 (with MAC address 00:1E:33:27:04:93) fails to ping Server.
2-2. PC-2 can ping Server successfully.
3. What Could Go Wrong
The MAC address set on Switch-1 should be identical to the MAC address of PC-1 so that the traffic can be blocked successfully.
Categories
- All Categories
- 431 Beta Program
- 2.6K Nebula
- 168 Nebula Ideas
- 112 Nebula Status and Incidents
- 6K Security
- 366 USG FLEX H Series
- 293 Security Ideas
- 1.5K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 42 Wireless Ideas
- 6.7K Consumer Product
- 265 Service & License
- 408 News and Release
- 87 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.9K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 83 Security Highlight