Configuring MAC filtering on the switch port using ACL binding policy on Wireless Network Manager (WNM)

Description

An Access Control List (ACL) lets you define classification rules that secure your network by blocking unauthorized users and allowing authorized users to access specific areas or resources. ACLs provide basic security for network access by controlling whether packets are forwarded or blocked at the switch ports.

ACLs are filters that classify data packets according to content in the packet header, such as the source address, destination address, source port number, destination port number, and more. Packet classifiers identify flows for more efficient processing. Each filter defines the conditions that must match for inclusion in the filter. ACLs are used to provide traffic flow control, restrict the contents of routing updates, and determine which types of traffic are forwarded or blocked. The match criteria can be specified on the basis of the MAC address or the IP address.

Resolution

ACL BINDING ON A SWITCH through Wireless Network Manager (WNM)

  1. Log in to https://cloud.sonicwall.com/ using your MySonicWall credentials and select the right tenant at the top.
  2. Select the Wireless Network Manager.
  3. Navigate to Security|Matched object.
  4. Select the Add (+) icon to create a new Matched object for the allowed MAC address.
  5. Enter a Name and Description, set Type: MAC and Source MAC address: User defined, and enter the allowed MAC address in the Source MAC value field.
  6. Create one more address object to Deny all.
  7. Navigate to Security|Matched object|Matched Groups.
  8. Select the Add (+) icon to create a new Matched group for the allowed MAC address.
  9. Select the allowed MAC address, add it, and save it.
  10. Select the Add (+) icon to create a new Matched group for the Deny MAC address.
  11. Navigate to Security|Security Policies|Switches.
  12. Select the Add (+) icon to create an ACL security policy.
  13. Enter a Name and set Type: ACL security policy.
  14. Select the Allow matched group from the drop-down and select Allow mode.
  15. Select +Add matched group.
  16. Select the Deny all matched group from the drop-down and select Deny mode.
  17. Navigate to Network|Devices|Switches.
  18. Select the Switch and click the Edit/configure icon on the switch.
  19. Navigate to Ports|ACL.
  20. Select the port from the list, select the ACL security policy from the drop-down, and enable MAC.
  21. Save the changes.


How to Test:

If a machine whose MAC address is not listed in the cache tries to communicate through the switch port, it won't be able to connect through that port.
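To preview which hosts the policy built in steps 14 to 16 would cut off before it is bound to a port, the following Python sketch (an added example, not SonicWall code) models the policy as an ordered Allow group followed by a Deny-all group and runs it over a list of observed source MACs. The first-match evaluation order, the sample MAC addresses and all function names are assumptions made for illustration.

```python
import re

def normalize_mac(mac):
    """Return a MAC as six lowercase hex pairs joined by colons, or raise ValueError."""
    digits = re.sub(r"[.:\-\s]", "", mac).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

# Constructed policy mirroring steps 14-16: an Allow group, then a Deny-all group.
# A member set of None means "match any source MAC".
POLICY = [
    ("Allow", {normalize_mac("00-1A-2B-3C-4D-5E")}),  # constructed sample address
    ("Deny", None),
]

def evaluate(policy, src_mac):
    """Return the mode of the first group that matches src_mac (assumed first-match order)."""
    mac = normalize_mac(src_mac)
    for mode, members in policy:
        if members is None or mac in members:
            return mode
    return "Deny"  # assumption: a frame that matches no group is treated as blocked

def preview(policy, observed):
    """Map each observed source MAC (any common notation) to the action it would get."""
    return {normalize_mac(m): evaluate(policy, m) for m in observed}

if __name__ == "__main__":
    # Constructed sample of source MACs seen on the port, in mixed notations.
    seen = ["001a.2b3c.4d5e", "00:1A:2B:3C:4D:5F", "aa-bb-cc-dd-ee-ff"]
    for mac, action in preview(POLICY, seen).items():
        print(f"{mac}  {action}")
```

Any address reported as Deny that belongs to a legitimate device needs its own matched object in the Allow group before the policy is saved on the port.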
