  1. #1
    Newbie
    Join Date
    Apr 2014
    Location
    Los Angeles area
    Posts
    11

    blocking MAC address on internal network

    Hello everyone,

    Thanks in advance for any help anyone can provide. I am running NG firewall Version 14.1.2 and I have a rogue AP that randomly shows up on the network. I have the MAC address and created 2 firewall rules 88:DC:96:44:14:5C
    server MAC address is 88:DC:96:44:14:5C block
    client MAC address is 88:DC:96:44:14:5C block

    I can still see the device on the network so I suspect "it can only be attributable to human error" on my part.

    Thanks again for any suggestion anyone might have,

    Mace

  2. #2
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    23,346


    Blocking the MAC of the WAP doesn't do anything but prevent the WAP itself from communicating; everything BEYOND that WAP is another matter entirely.

    You need to find it, and remove it. If you have smart switches, you can disable the port it's plugged into.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  3. #3
    Untangle Ninja jcoehoorn's Avatar
    Join Date
    Mar 2010
    Location
    York, NE
    Posts
    1,678


    Only an edge switch and your APs can keep the device from getting on the network at all. Untangle and other gateway firewalls can only prevent the device from connecting to the WAN.
    Five time Microsoft ASP.Net MVP managing a Lenovo RD330 / E5-2420 / 16GB with Untangle 14.1.1 to protect 500Mbits for ~400 residential college students and associated staff and faculty

  4. #4
    Newbie
    Join Date
    Apr 2014
    Location
    Los Angeles area
    Posts
    11


    Thanks for the feedback. You are right, I was not thinking about that.

  5. #5
    Newbie
    Join Date
    Apr 2014
    Location
    Los Angeles area
    Posts
    11


    I have never had to block something on the LAN side with NG firewall (only the WAN side). I completely understand this will not help me block an AP and the reasons why. However, since I was still able to ping the device and get to the web UI on it, I was not blocking it at all. If I came across a device that I could block and needed to, how would I do it?

    thanks,

    Mace

  6. #6
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    23,346


    You make a firewall rule, or if you really want to be harsh, a filter rule. But again, Untangle can only control traffic that's passing through it. That is, into and out of the Internet typically.

    So for internal traffic you can make a rule for it, and Untangle will block the traffic when it sees it, but it won't see the traffic to begin with, so the rule does no good.

    If you need that kind of control, you need a smart switch that has access control abilities. Basically, a firewall on the switch.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com
