Configuring MAC filtering on the USG6000

37

The method of configuring MAC address-based filtering is as follows:
In the configuration of the security policy matching condition, set the source address/area or destination address/area to the MAC address for MAC address-based filtering.

Other related questions:
Configuring interzone packet filtering on the USG6000 series
Conditions and actions for configuring packet filtering

How to filter MAC addresses on an AR router
On a network where security requirements for user access are high, configure the interface security function on the router to enable the MAC addresses learnt by an interface to be converted to secure MAC addresses. If the maximum number of MAC addresses that can be learnt by a router reaches the upper limit, the router does not learn new MAC addresses and allows communication with the devices of only these MAC addresses. This can prevent untrusted users from communicating with the router over this interface and improve device and network security. For details about the function and its configuration procedure, choose Configuration Guide (via Command Line)> Security> Port Security Configuration through the URL: Product documentation."

Configure blackhole MAC addresses on S series switch
Perform the following operations to configure blackhole MAC addresses on S series switches (except S1700): 1. Configure a blackhole MAC address in a VLAN. [HUAWEI] vlan batch 100 [HUAWEI] mac-address blackhole 0-0-1 vlan 100 2. Configure a blackhole MAC address globally. The globally configured blackhole MAC address takes effect in all VLANs. [HUAWEI] mac-address blackhole 0-0-1 After the preceding configuration is complete, you can run the display mac-address blackhole command to view the configured blackhole MAC address.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top