Thanks Anthony but our case is little different we have configured client public IP's in foritgate firewall and virtual IP is assigned through Forti client which we have whitelisted. Now we intend to configured the client public IP should be binded with MAC. Dual check verification for connection established i.e MAC and IP both should be matched as client provide us.
Currently we checked multiple ways but unable to find the actual MAC of client's machine.
My (unsolicited) opinion is that it is more pain than gain, a maintenance burden without substantial security benefit (or MAC filtering! Cool, then MAC-changer will fix it right..).
Have you considered client certificate authentication as additional step? This would confine a user to the only PC/laptop/etc which has the certificate installed.
N.B. If you really mean to allocate IP based on MAC address of the client (Forticlient does not assign a new MAC on connection, so you can't control this part), then I've never heard of such service in firewalls, but who knows...