Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Mohammed_Feroz
Staff
Staff

Created on ‎03-21-2023 11:01 PM Edited on ‎11-19-2025 01:09 AM By Community Manager

Article Id 249855

Technical Tip: Adding multiple MAC address under single MAC based address object

Description This article describes the various options for configuring the MAC address under a single MAC-based address object.
Scope FortiGate.
Solution

MAC address can be added below:

  1. Adding a single MAC address.
  2. Adding a range of MAC addresses.
  3. Adding a wildcard MAC address.

 

To add MAC addresses from the GUI, select the plus sign under the MAC address.

 

address.png

 

To add MAC addresses from the CLI, separate the addresses with a quotation mark or use the append command to add another MAC address entry.

 

cli.png

 

In cases where the network is managed based on the source MAC address, it can be a tedious process to add a MAC address-based object for each user and possibly call it under a group.

The above options can be helpful to manage the group under a single address object.

 

mac object.jpg

 

In the above example, 2 MAC-based address objects have been configured.

 

  1. Office_PC: that includes one MAC address, a Range of MAC addresses, and a wildcard of the MAC address.
  2. mac_block: a complete wildcard MAC address, so it can be used to block all MAC addresses in a deny policy.
 
mac policy .jpg

 

2214
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.