how can I control new computers connect to zywall

lechulysy
lechulysy Posts: 5
First Comment
edited April 2021 in Security

I use Zywall 110.

After connecting a new computer to zywall (no MAC in IP/MAC Binding table) I would like to receive a notification (e.g. via email). If it is possible? If not how can I block this computer to "see" LAN?

All Replies

  • Zyxel_Emily
    Zyxel_Emily Posts: 1,296  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    edited December 2019

    Hi @lechulysy,

    When a new computer is connected and get IP from ZyWALL, since the log for DHCP is not categorized as an "Alert" log, ZyWALL won’t send an email notification when a new computer is connected.

    Do you let unknown computers to access Internet only but not to access lan resource/server? 

    You can assign another interface such as lan2 for unknown computers and add a security policy rule as follows.

    From LAN2, To LAN1, Action: deny, Log alert

  • Sometimes the user connects his "home" computer in the office. I need to know that it happened and not allow him access to the LAN, WAN etc. Normaly the new computer has been assigned IP address from "deny" range (this range has set special rules on firewall) but it not works for LAN of course.

  • jasailafan
    jasailafan Posts: 191  Master Member
    First Anniversary 10 Comments Friend Collector First Answer

    I guess you need the function called 802.1x port security which is implemented on switch.

    Is it the scenario you need?

    https://businessforum.zyxel.com/discussion/1565/is-there-a-way-to-configure-802-1x-mac-based-on-a-gs1920

  • your right, but I was hoping to do this on the router :)

  • lalaland
    lalaland Posts: 90  Ally Member
    First Anniversary 10 Comments Friend Collector First Answer

    Firewall/Router is working on layer 3~layer7. e.g. web authentication.

    As for your requirement, it need to restrict on layer 2 switch to avoid unknown device access to office network.

Security Highlight