The MAC filters block the IP connections to other devices in the Ethernet following the white list principle, i.e. all connections are blocked unless they are explicitly permitted here. MAC filter rules apply to both, IPv4 and IPv6 traffic.
|
Default settings contain one MAC filter rule already that permits data traffic with the MAC address FF:FF:FF:FF:FF:FF to all IP networks of the router. The MAC address FF:FF:FF:FF:FF:FF is the broadcast address for ARP (Address Resolution Protocol). Without this rule and activated MAC filters, no ARP requests would be possible for example that are used by the router to determine the assignment between IP and MAC address of the network devices. |
-
Click in the
Network → Firewall / NAT menu in the Firewall section on 
and check the checkbox MAC filter activated. -
Click on SUBMIT .
-
Click in the MAC filter section on
to add a new filter rule:-
Select the Interface for which the device with the specified MAC address is permitted; If no interface is selected, it is permitted for all interfaces.
-
Enter the MAC address of the device, for which the selected interface is permitted; If no MAC address is specified, all devices independent of their MAC address are permitted for this interface.
-
-
Click on SUBMIT .
-
Click on ACTIVATE PROFILE
.
|
|
Create a filter rule for each device in the network. Filter rules in which neither an interface nor a MAC address are specified will be ignored. |
|
|
It is recommended to check all existing filter rules for their necessity and deactivate them, if applicable. |
|
|
If the connection of the computer in the configuration network that is used to access the web interface of the router is not permitted explicitly in the MAC filter, no further local connection can be made! |