How to configure MAC filter to block unwanted traffic
Zyxel Employee
The example shows administrators how to configure MAC filter to block unwanted traffic. In this example, Switch-1 will block traffic based on which device sends the packet or which device receives the packet.
Note:
All network IP addresses and subnet masks are used as examples in this article. Please replace them with your actual network IP addresses and subnet masks.
1. Configure Switch-1
Enter web GUI and go to Menu > Advanced Application > Filtering. Check the “Active” box and set the filter Name. Choose the Action as “Discard source”. Key in the MAC you want to block and the VID. Click “Add”.
Note:
Use Discard source to drop traffic sent by the device with the configured MAC entry.
Use Discard destination to drop traffic sent to the device with the configured MAC entry.
2. Test the Result
2-1. PC-1 (with MAC address 00:1E:33:27:04:93) fails to ping Server.
2-2. PC-2 can ping Server successfully.
3. What Could Go Wrong
The MAC address set on Switch-1 should be identical to the MAC address of PC-1 so that the traffic can be blocked successfully.
Categories
- All Categories
- 195 Beta Program
- 1.7K Nebula
- 93 Nebula Ideas
- 63 Nebula Status and Incidents
- 4.7K Security
- 236 Security Ideas
- 1.1K Switch
- 52 Switch Ideas
- 920 WirelessLAN
- 28 WLAN Ideas
- 5.4K Consumer Product
- 173 Service & License
- 296 News and Release
- 65 Security Advisories
- 14 Education Center
- 1K FAQ
- 453 Nebula FAQ
- 258 Security FAQ
- 100 Switch FAQ
- 115 WirelessLAN FAQ
- 22 Consumer Product FAQ
- 67 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 69 About Community
- 52 Security Highlight