MAC Address Blocking Capability

Jeffrey.R · August 9, 2016, 11:43pm

Greetings and Salutations,

Customers have requested a feature be added for the functionality to block specific MAC addresses from being provided access to the network, a block on specific MAC addresses.

It seems that there are some folks that would like to do “bad” things when given the opportunity :mad: and the administrators trying to protect the network and provide stability to “legitimate” users would like to more easily thwart these “evil” folks from being allowed to connect to the network. There are some “work-arounds” to accomplish a similar result, however, it is more complicated than it “needs to be.”

Please thoughtfully consider adding the ability to easily block a given MAC address from accessing the network (LAN) much like other networking devices allow. Adding this functionality to the “road map” for future releases of firmware enhancements would be very helpful.

Another thread posted in these forums regarding this feature request can be referenced here.

Thank you kindly, forum community, for your input and to the Peplink team for thoughtfully considering community input.

nwacloud · August 10, 2016, 3:58am

Thanks Jeff for this post! Yes this is a vitally needed feature that many of our clients using Peplinks in the hospitality industry (hotels/motels guest lodging facilities) really need as it only takes one bad apple to spoil the barrel. A quick blocking feature accessible from the Peplink/Status/Clients page would give admins the ability to quickly remove those who are trying to abuse the system. This feature is already available on many low-end Netgear and Cradlepoint routers and should not be difficult to implement. Thanks for your consideration and hope this feature becomes available soon! Regards, Daren

Fred_C · August 28, 2016, 3:12am

Hello,

It as a very usefull idea.
It will give us more flexibility and a faster reaction against bad usage.

+1 for MAC Adress Blocking Capability.

Thank you
Cheers,

SamuelNorris · August 29, 2016, 7:27am

Evening
If you could block via MAC address from the Client list page or even better, add that MAC address to a user group!
+1 from us!
Thank You

eibyer · February 21, 2017, 9:15am

I know this post is old but this is something I’ve been looking for.

TMPC · December 6, 2017, 5:54pm

Yes! I would like to see this also.

SPeedY · March 20, 2018, 7:58am

I found myself looking for this specific task. Would be a great feature to have.

Don_Ferrario · March 20, 2018, 7:11pm

You can do this easily with firewall rules. Create an internal our outgoing firewall rule that specifies from that MAC, with the action of “deny”.

mldowling · March 20, 2018, 10:33pm

Here is an example of what @Don_Ferrario was referring to in the Outbound Firewall rules

You don’t need to have “Event Logging” unless you want to manually access the device logs to see if it is doing what you expect and how frequently the MAC address is being blocked.
Happy to Help,
Marcus

brycenesbitt · February 10, 2019, 12:04am

I’d love to see this as a single click in the GUI, block a given device.

But really when we’ve got a rouge or suspect device, I generally want more. I’d like to monitor that given device for a while, see what bandwidth it’s using, see a list of (non-https) domains looked up, and the like. Basically ask the question what is this device doing on the network?