Mac adresse filtering from wan don't work

Forum|Forum|3 years ago
February 10, 2023
1 reply
1108 views

Hello everyone,
I made a policy with mac address filtering on port 80 and 443 but it doesn't work. when I apply the mac address filter, the device with this mac address cannot access the services. no worries when I put on ALL.

On the other hand I made an identical policy between 2 vlan and no worries.

Why it won't work on WAN

I followed this guide https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-create-MAC-Addressed-Based-Policies/ta-p/189525?externalID=FD45609

Attached are the two screen shots of the policies in question

FortiGate

Markus_M

Staff & Editor

Hi Jhnn-be,

do a packet capture:

https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Packet-Capture-on-FortiOS-GUI/ta-p/194444

and then see what MAC you actually receive. It is VERY unlikely that the MAC of the device will be transported over WAN.

Best regards,

Markus

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded