ACL Multiple MAC Addresses

SkyGoat
edited December 2025 in Nebula

I think I know the answer to this, but just to confirm, in Site-wide > Configure > Switches > ACL, is there any way to put more than one MAC address in either the Source MAC or Destination MAC boxes?

I have several devices from the same manufacturer that I want to use the ACL to block a TCP port on. I was hoping to enter multiple MAC addresses in the box, or be able to enter a wildcard e.g. 00:11:22:*, but it looks like I have to create a new line/rule for each individual MAC address.


Accepted Solution

  • Zyxel_Tina (Zyxel Employee)
    edited December 2025 Answer ✓

    Hi @SkyGoat,

    You are correct. The Nebula ACL feature for switches (Site-wide > Configure > Switches > ACL) does not support entering multiple MAC addresses or using wildcard characters (such as the 00:11:22:* format) in either the Source MAC or Destination MAC fields, which only support the 00:12:34:00:00:00/ff:ff:ff:00:00:00 format.

    To block a TCP port for several devices based on their MAC addresses, you will need to create a separate ACL rule for each individual MAC address. This is how the ACL functionality is designed in Nebula, requiring specific criteria for each rule.

    Zyxel Tina
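
Added example (not part of the thread and not Zyxel code): a small Python helper that normalises an inventory of device MACs into `address/mask` field values in the format quoted in the answer, and checks which addresses a given entry would cover. It assumes the mask is applied as a conventional bitwise AND, which the thread does not confirm for Nebula; all MAC addresses and function names below are constructed for illustration.

```python
import re

FULL_MASK = "ff:ff:ff:ff:ff:ff"   # match one exact address
OUI_MASK = "ff:ff:ff:00:00:00"    # mask from the format quoted in the answer

def parse_mac(text):
    """Parse a MAC written with ':' or '-' separators into a 48-bit integer."""
    parts = re.split(r"[:-]", text.strip())
    if len(parts) != 6 or not all(re.fullmatch(r"[0-9A-Fa-f]{2}", p) for p in parts):
        raise ValueError(f"not a MAC address: {text!r}")
    return int("".join(parts), 16)

def format_mac(value):
    """Render a 48-bit integer as lower-case colon-separated hex."""
    return ":".join(f"{(value >> shift) & 0xFF:02x}" for shift in range(40, -8, -8))

def masked_entry(mac, mask=FULL_MASK):
    """Build an 'address/mask' field value, zeroing address bits outside the mask."""
    m = parse_mac(mask)
    return f"{format_mac(parse_mac(mac) & m)}/{format_mac(m)}"

def entry_matches(entry, mac):
    """True if mac falls inside entry (assumed semantics: bitwise AND with the mask)."""
    addr, mask = entry.split("/")
    m = parse_mac(mask)
    return (parse_mac(mac) & m) == (parse_mac(addr) & m)

def plan_rules(device_macs, mask=FULL_MASK):
    """Return the distinct field values needed to cover device_macs, in input order."""
    entries = []
    for mac in device_macs:
        entry = masked_entry(mac, mask)
        if entry not in entries:
            entries.append(entry)
    return entries

# Constructed sample inventory: three devices sharing one vendor prefix.
DEVICES = ["00:11:22:aa:bb:01", "00-11-22-AA-BB-02", "00:11:22:aa:bb:03"]
# Constructed address of a same-vendor device that is NOT meant to be blocked.
BYSTANDER = "00:11:22:0c:0d:0e"

if __name__ == "__main__":
    for label, mask in (("per-device", FULL_MASK), ("vendor prefix", OUI_MASK)):
        rules = plan_rules(DEVICES, mask)
        extra = any(entry_matches(r, BYSTANDER) for r in rules)
        print(f"{label}: {len(rules)} rule(s), also matches bystander: {extra}")
        for r in rules:
            print("   ", r)
```

With the full mask the plan is one field value per device and the bystander is untouched; with the prefix mask the three devices collapse to a single entry that also covers every other address under that prefix, so check the inventory for such devices before relying on a masked entry.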

