Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 2 replies
  • Subscribers 26 subscribers
  • Views 376 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

MAC filtering on LAN interface

itguy318

I have created a separate zone (LAN) for my IP phones and to use a separate interface on the XG. The IP address for my LAN interface is different to this zone (IP PHONE)

DHCP is configured to provide ip addresses to these IP phones by the XG. My question is how can i allow only phones to communicate and receive IP from the XG on this interface.

Is there a way to MAC filter these phones and allow only whitelisted devices from this zone to the web. Thanks 



This thread was automatically locked due to age.
Parents
  • FormerMember
    +1 FormerMember

    Hi ,

    Thank you for reaching out to Sophos Community.

    Assuming you have created 'IP PHONE' as a separate zone.

    You can configure MAC based firewall rule to allow web access to required devices located in 'IP PHONE' zone.

    Source zones: IP PHONE
    Source networks and devices: MAC host/list

    Destination zones: WAN
    Destination networks: ANY

    Create linked NAT/separate NAT rule to apply SNAT for internet traffic.

Reply
  • FormerMember
    +1 FormerMember

    Hi ,

    Thank you for reaching out to Sophos Community.

    Assuming you have created 'IP PHONE' as a separate zone.

    You can configure MAC based firewall rule to allow web access to required devices located in 'IP PHONE' zone.

    Source zones: IP PHONE
    Source networks and devices: MAC host/list

    Destination zones: WAN
    Destination networks: ANY

    Create linked NAT/separate NAT rule to apply SNAT for internet traffic.

Children