Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Umesh
Contributor

Mac-filtering in Fortigate dialup IPsec vpn || windows native ||

Hi All,

 

We have received new requirement from client to configure mac-filtering in dailup Ipsec  vpn.

 

Basically this requirement is those users are working remotely we just need to bind their laptop mac-address in fortigate policy/rule.

 

Note - we are using dialup Ipsec vpn not SSL VPN.

 

Need your help to configure it as I don't have any Idea on it.

 

Thanks 

1 REPLY 1
msanjaypadma
Staff
Staff

Hi @Umesh ,

 

Based on the description, I understand that you would like to know if the "MAC address check" support in remote access IPSEC VPN.

This feature is not available in remote access IPSEC VPN.

However you can restrict the unknown mac address connection using "DHCP addressing mode" where you can reserve the IP address with known MAC and specify the DHCP address range as known mac address only, due to which unknown MAC address connection would not be able to connect.

Kindly refer below document: 
https://community.fortinet.com/t5/FortiGate/Technical-Tip-DHCP-IP-address-reservation-with-Dial-up-I...

I hope it will help.

 

Thanks,

Mayur Padma
Top Kudoed Authors