Configuring the MAC filter list on specific SSIDs through the Wireless network manager (WNM)

Wireless networking provides native MAC filtering capabilities that prevent wireless clients from authenticating and associating with the wireless security appliance. If you enforce MAC filtering on the WLAN, wireless clients must provide you with the MAC address of their wireless networking card. The SonicOS wireless MAC Filter List allows you to configure a list of clients that are allowed or denied access to your wireless network. Without MAC filtering, any wireless client can join your wireless network if they know the SSID and other security parameters, thus allowing them to “break into” your wireless network.

Log into the https://cloud.sonicwall.com using your Mysonicwall credentials and select the right Tenant on the top

1. Click on wireless Network Manager (WNM) under Products
2. Navigate to Security|Address objects.
3. Select Add (+) icon to create a new address object for the allowed MAC address
4. Fill in the details like Name, Description, Type: MAC, and MAC address: Which needs to be allowed
   
5. Navigate to Security|Address Object|Address Groups.
6. Select Add (+) icon to create a new address group for the allowed MAC address
7. Select the allowed MAC address and add it and Save it.
   
   
8. Navigate to Security|Security policies|Access points. 
9. Select Add (+) icon to create an ACL security policy
   
10. Give a Name and Type: ACL security policy.
    
11. Navigate to add a new security policy
12. Select Mode: Allow and Client MAC address group: Custom allowed address group as shown in the below picture.
13. Navigate to Policies|SSID policies.
14. Select the SSID on which you need to apply the ACL policy for the allowed MAC address.
15. Click on Edit Icon on the SSID.
16. Navigate to the Security policy
17. Select the ACL policy from the drop-down and save it, as shown in the picture.
    
    
    How to Test:
    If another machine whose MAC address is not listed in the cache would try to connect to the SSID it will be Denied connecting. They won't be able to connect to your SSID.