Solved

Sonicwall MAC Filtering

Posted on 2012-04-09
7
1,605 Views
Last Modified: 2012-04-09
I want to start MAC filtering at the company I work at with our Sonicwall. But everything I read says that MAC filtering is only done for wireless networks on the Sonicwall. I want to enforce it on our wired network. Does Sonicwall do that?
0
Comment
Question by:new_to_networks
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 15

Accepted Solution

by:
Robert Sutton Jr earned 250 total points
ID: 37824596
Is there a reason why you would want to filter by MAC? Yes, wireless is the primary use for this type of filtering and is typically not intended for "Physically" connected devices on your network.
0
 

Author Comment

by:new_to_networks
ID: 37824607
Its to prevent people with unsecure laptops from coming in, plugging into a port and having access to our office network. We want to force them to use our guest wireless. Does that make sense?
0
 
LVL 13

Expert Comment

by:IT-Monkey-Dave
ID: 37824612
You might want to do that to discourage users from accessing resources by plugging in "rogue" devices without permission.
0
Are You Headed to Black Hat USA 2017?

Getting ready for Black Hat next week? Kick things off with the WatchGuard Badge Challenge and test your puzzle and cipher skills. Do you have what it takes to earn our limited edition Firebox Badge? Get started today - https://crimsonthorn.net

 

Author Comment

by:new_to_networks
ID: 37824621
There's a lot of traffic here, so I'm trying to deny unauthorized machines from plugging in to a port.
0
 
LVL 13

Expert Comment

by:IT-Monkey-Dave
ID: 37824630
Is it an Active Directory domain?  You could probably do that via Group Policy.  Computer not a member of domain = No access.
0
 

Author Comment

by:new_to_networks
ID: 37824680
The office is connected to a VPN which goes to our datacenter with our servers/domains etc. If you're away from the office you have to log in to the VPN. If you're in the office, you just plug in and you're already connected. You don't have a user name and password to connect to the servers or anything, but you're on the office network. I'm probably not explaining very well.
0
 
LVL 13

Assisted Solution

by:IT-Monkey-Dave
IT-Monkey-Dave earned 250 total points
ID: 37824933
You could control access by having your DHCP server use "reservations" to issue specific IP addresses to specific MAC addresses.  If someone plugs in a device with a MAC address that doesn't have a reservation, they won't be able to obtain an IP address via DHCP.

Of course a savvy user could assign their system a static IP and bypass DHCP entirely.  Or if everyone already has a static IP, DHCP reservations do you no good.

Sorry but I have to ask: Why no user authentication?
0

Featured Post

Percona Live Europe 2017 | Sep 25 - 27, 2017

The Percona Live Open Source Database Conference Europe 2017 is the premier event for the diverse and active European open source database community, as well as businesses that develop and use open source database software.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
Make the most of your online learning experience.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

631 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question