Description
This article describes how to create the MAC address filter from device identification in 6.2.
Solution
In a network, MAC address filtering is more secure and more reliable than IP address filtering because the MAC address does not change.
In 6.2, create the MAC address object directly from device identification.
Below are the steps to add/create the MAC address object.
1) Go to system -> interface -> edit interface
Enable: 'Device Detection' & 'Active Scanning'
This article describes how to create the MAC address filter from device identification in 6.2.
Solution
In a network, MAC address filtering is more secure and more reliable than IP address filtering because the MAC address does not change.
In 6.2, create the MAC address object directly from device identification.
Below are the steps to add/create the MAC address object.
1) Go to system -> interface -> edit interface
Enable: 'Device Detection' & 'Active Scanning'
2) Go to User& Device -> Device Inventory
Choose any existing device with MAC, right click, click on 'Create New Firewall Address' and Choose Mac Address.
3) Once MAC address object created, use it in firewall policy.
Related CLI commands:
#config system interface
edit "mgmt1"
set vdom "root"
set ip 10.5.51.51 255.255.240.0
set allowaccess ping https ssh http telnet fgfm
set type physical
set device-identification enable
set role lan
set snmp-index 1
next
end
#config firewall address
edit "test"
set uuid b6b083a4-ddcf-51e9-df0e-e742df70849d
set type mac
set start-mac 00:50:50:xx:xx:xx:xx
set end-mac 00:50:50:xx:xx:xx:xx
next
end
