How to block a device from the network

Started by kmanos, November 16, 2022, 05:10:24 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
November 16, 2022, 05:10:24 PM
I thought it would be pretty straightforward to do, but I can't seem to find out how to block a specific device  from connecting to my network. I'd presume I'd simply block the MAC address, but can't find any easy way to accomplish this from the GUI.
November 16, 2022, 05:14:15 PM #1
Add a firewall rule for the (probably?) LAN interface.

That won't keep the device from communicating with other devices on your LAN. Traffic within the same network does not pass through your firewall. That needs to be done on your switch or your access point if it's WiFi.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
November 16, 2022, 05:56:17 PM #2
DHCP assign no IP to this MAC, with Static mappings and check "Enable static ARP entries", as close as you can get.

Didn't check recently, but if a specific MAC has a reserved IP on ONE interface, this specific MAC will receive an IP on all other interfaces of the sense (it'S the way it was in the past, since pfsense times)
kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare

felix eichhorns premium katzenfutter mit der extraportion energie

A router is not a switch - A router is not a switch - A router is not a switch - A rou....
November 28, 2022, 11:01:14 AM #3
Your (cabled) LAN should be trusted. If you simply block a MAC a bad actor can:
  * spoof a new MAC address
  * Set a static IP in the DHCP range

So, the requested feature is somewhat pointless and only block uninformed people.
Print
Go Up Pages1
User actions