Tom-P
Jun 30, 2020 - Tutor
MAC ACL for specific VLAN
I have connected four WNAP320 Access Points to a GS724TPv2 smart managed switch. The Access Points all broadcast three different SSIDs (trusted, guest & IoT) that are assigned to three different VLA...
Retired_Member
Jul 06, 2020
Could you please change Source MAC MASK to FF:FF:FF:FF:FF:FF and try again?
It would be better if you could share the configuration file with us.
How do I send tech-support files from my Managed Switch to NETGEAR community moderators?
Tom-P
Jul 08, 2020 - Tutor
Hi Everyone,
After Eric's last question we continued by e-mail and Eric found the solution:
Please just keep the config as in your first setting, with all zeros in the MAC mask. Then add some new rules with Destination MAC = white list.
This is because the MAC ACL is bound to a VLAN, not to a specific physical port, so the packets include upstream (Client->Server) and downstream (Server->Client). It's necessary to add bidirectional rules.
I guess I'm not the only one who wants to build a MAC ACL white list, so here's the solution for you all:
You have to make two rules per device. One with the device MAC in the destination MAC field of that rule. The second rule with the same device MAC in the source MAC field. MAC mask should be all zeros for both rules.
In the VLAN Binding Configuration you pick the VLAN ID the devices of the white list should connect to. ACL type is MAC ACL and the ACL ID is the name you gave to the set of rules you made for your devices on the white list.
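The two-rules-per-device scheme from the post above, modelled as an added example (not part of the original thread and not NETGEAR code) to show why a source-only white list drops the return traffic on a VLAN-bound ACL. Assumptions: the mask is wildcard-style (a 0 bit must match, as the all-zeros mask in the post implies), the first matching rule wins, and a frame that matches no rule is denied; the MAC addresses and function names are constructed for illustration.

```python
# Added example: simplified model of a VLAN-bound MAC ACL (not NETGEAR code).
# Assumptions: wildcard-style mask (0 bits must match), first match wins,
# implicit deny when no rule matches.
EXACT = "00:00:00:00:00:00"                        # all-zeros mask = exact match
ANY = ("00:00:00:00:00:00", "ff:ff:ff:ff:ff:ff")   # (address, mask) matching anything

def mac_int(mac):
    return int(mac.replace(":", "").replace("-", ""), 16)

def field_matches(frame_mac, rule_mac, mask):
    care = ~mac_int(mask) & 0xFFFFFFFFFFFF  # bits the rule actually compares
    return (mac_int(frame_mac) & care) == (mac_int(rule_mac) & care)

def whitelist_rules(macs, bidirectional=True):
    """Per device: one permit on source MAC and, if bidirectional, one on destination MAC."""
    rules = []
    for mac in macs:
        rules.append({"action": "permit", "src": (mac, EXACT), "dst": ANY})
        if bidirectional:
            rules.append({"action": "permit", "src": ANY, "dst": (mac, EXACT)})
    return rules

def evaluate(rules, src, dst):
    for rule in rules:
        if field_matches(src, *rule["src"]) and field_matches(dst, *rule["dst"]):
            return rule["action"]
    return "deny"  # assumed implicit deny at the end of the ACL

# Constructed sample addresses
CLIENT = "aa:bb:cc:00:00:01"     # device on the white list
STRANGER = "aa:bb:cc:00:00:99"   # device not on the white list
GATEWAY = "02:00:00:00:00:fe"    # upstream server/router seen in the same VLAN

def demo():
    src_only = whitelist_rules([CLIENT], bidirectional=False)
    both = whitelist_rules([CLIENT])
    return {
        "src_only_up": evaluate(src_only, CLIENT, GATEWAY),    # client -> server
        "src_only_down": evaluate(src_only, GATEWAY, CLIENT),  # server -> client
        "both_up": evaluate(both, CLIENT, GATEWAY),
        "both_down": evaluate(both, GATEWAY, CLIENT),
        "stranger_up": evaluate(both, STRANGER, GATEWAY),
    }

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:14} {verdict}")
```

In this model the destination rule compares the destination MAC only, so the list limits which devices can hold a two-way conversation in the VLAN rather than who may send a frame to a listed device.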