XG Firewall

Hello everyone,

I have had the XG FW running at home for a few weeks. Now I have the following problem, and I just can't get any further.

I want to block Internet access based on a MAC address. I created a MAC host with the corresponding MAC and then put the whole thing into a rule. Unfortunately it doesn't work this way, and I can't find the mistake...

Does anyone have a tip as to what I'm doing wrong?

Thank you very much & happy Easter!



This thread was automatically locked due to age.
  • Moved to the correct Forum.

    Hello!

    Some questions first:

    1. Is there any L3 switch in front of the "PC-Norman"?
    2. Can the Firewall see the "PC-Norman" MAC address correctly?
    3. Is there any other "Accept" Rule above the "Drop" Rule?

    Otherwise, since you're a Home User, I recommend you use IP-MAC Filtering (if necessary) with Clientless Users and Static DHCP mapping.

  • Hello!

    on question 1: No

    on question 2: I think yes, I see the MAC address in the IPv4 lease overview

    on question 3: I think no - I have only 2 rules. The first is the "block" rule - the second the allow...

    What I don't understand - why is the rule displayed as not used?

    Thank you!

  • If the firewall has 0 Bytes, it basically does not hit. That means the filter criteria you selected are not applied to the Client traffic.

    I assume this PC-Norman does not have a correct MAC and/or the client traffic does not look like this.


    Basically move to clientless user anyway. Give the Client a static IP via DHCP, map the IP to the User and use the User in Firewall rules. 
