how can I control new computers connect to zywall

lechulysy

I use Zywall 110.

After connecting a new computer to zywall (no MAC in IP/MAC Binding table) I would like to receive a notification (e.g. via email). If it is possible? If not how can I block this computer to "see" LAN?

Zyxel_Emily

Hi @lechulysy,

When a new computer is connected and get IP from ZyWALL, since the log for DHCP is not categorized as an "Alert" log, ZyWALL won’t send an email notification when a new computer is connected.

Do you let unknown computers to access Internet only but not to access lan resource/server? 

You can assign another interface such as lan2 for unknown computers and add a security policy rule as follows.

From LAN2, To LAN1, Action: deny, Log alert

lechulysy

Sometimes the user connects his "home" computer in the office. I need to know that it happened and not allow him access to the LAN, WAN etc. Normaly the new computer has been assigned IP address from "deny" range (this range has set special rules on firewall) but it not works for LAN of course.

jasailafan

I guess you need the function called 802.1x port security which is implemented on switch.

Is it the scenario you need?

https://businessforum.zyxel.com/discussion/1565/is-there-a-way-to-configure-802-1x-mac-based-on-a-gs1920

lechulysy

your right, but I was hoping to do this on the router :)

lalaland

Firewall/Router is working on layer 3~layer7. e.g. web authentication.

As for your requirement, it need to restrict on layer 2 switch to avoid unknown device access to office network.