Controlling access with a MAC Address Access Control List
A MAC Address Access Control List is best used to handle exceptions. If you want to limit network access to a larger group, such as your employees, it is better to create a custom device group and specify that group in your device-based security policies.
A MAC Address Access Control List functions as either a list of blocked devices or a list of allowed devices. This is determined by the Unknown MAC Address entry.
• By default, unknown MAC addresses are allowed: Action is Assign IP. You add an entry for each MAC address that you want to block and set its Action to Block.
• If you want to restrict access to a limited set of devices, you set the Unknown MAC Address entry to Block and add an entry for each allowed MAC address with Action set to Assign IP.
To create a MAC Address Access Control List
1. In the SSID or other interface configuration, select Enable DHCP Server.
2. Enter the required Address Range and Netmask.
3. Expand MAC Address Access Control List.
4. Select Create New and enter the device’s MAC Address.
5. Select Assign IP to allow the device or Block to block the device and then select OK.
6. Repeat Steps
4 and
5 for each additional MAC address entry.