Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Rajan_kohli
Staff
Staff

Created on ‎07-31-2023 10:46 PM

Article Id 266795

Technical Tip: Blocking a mac address in FortiGate using firewall policy

Description

This article describes how to block a MAC address in FortiGate using a firewall policy.
Scope

FortiGate 6.x.x and 7.x.x.
Solution
  1. Make an address object with the MAC address of the device which is needed to be blocked.

address.PNG

 

    2.  Enable the Multiple Interface Policies feature in feature visibility.

 

Picture1.png

 

     3. Make a Deny firewall policy with source as the address object which we created in step 1.

 

policy.PNG

 

    4.  Move policy to the top of the list.

 

Note: This work only if the MAC address is not getting changed in the path toward FortiGate or if the device is trying to connect directly with FortiGate.
8134
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.