To test this feature, visit your live site.

Block a specific MAC address to be barred from connecting through our Global protect VPN

Hi PANgurus,

We have a query whether we can able to block a specific device from Connecting our Global Protect VPN by using the Device MAC Address.

Please review and share us with your thoughts. Awaiting for your reply !!

Best Regards,

Sahul Hameed

3 comments

Comments (3)

Reaper

Mar 02, 2021

as far as i know you cant do that based on the mac, but you could roll out machine/client certificates and then restrict access to only the devices that have an appropriate certificate installed

if it's a certain 'group of devices (i.e. all android phones) you can make a client profile for those devices and either quarantine them, or make logging in impossible for those devices

Reaper

Mar 02, 2021

the client connects using virtual interfaceso the physical mac is not seen by the firewall.

Can you share the use case for blocking a MAC address? maybe there's a different solution

sahul.hameed

Mar 02, 2021

Replying to

HI @Reaper

Their is requirement from our Management to block some of the listed user machines not to establish a connection to our Global Protect VPN. Due to this we are checking for an option to restrict the connection using the Machine MAC Address on our Firewall itself.

Best Regards,

Sahul Hameed

Forum: Forum