Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
JHNN-BE
New Contributor

Mac adresse filtering from wan don't work

Hello everyone,
I made a policy with mac address filtering on port 80 and 443 but it doesn't work. when I apply the mac address filter, the device with this mac address cannot access the services. no worries when I put on ALL.

On the other hand I made an identical policy between 2 vlan and no worries.

 

Why it won't work on WAN

 

I followed this guide https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-create-MAC-Addressed-Based-Policies... 

 

Attached are the two screen shots of the policies in question

 

Capture.PNGCapture2.PNG

1 REPLY 1
Markus_M
Staff
Staff

Hi Jhnn-be,

 

do a packet capture:

https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Packet-Capture-on-FortiOS-GUI/ta-p/1...

and then see what MAC you actually receive. It is VERY unlikely that the MAC of the device will be transported over WAN.

 

Best regards,

 

Markus

Top Kudoed Authors