Hi, First, unfortunately it's not possible to do authentication by mac-address in windows firewall. Secondly, 'authentication' with a mac-address can sound like a smart idea at first look but for two reasons it's not as good as you might think 1. A server (or a device) only knows the mac-addresses of devices in the same broadcast domain they reside in themselves, that means you can only filter on devices in the same subnets. Since it's not possible with Windows Firewall, the way you sort of like could achieve this is with static arp entries (you hard code a specific ip address to a specific mac-address as in my example below). However not something i would recommend you doing. > arp -s 157.55.85.212 00-aa-00-62-c6-09. Adds a static entry. Since it's quite easy to spoof mac-addresses, It would be quite easy to steal the 'real' device ip address and mac address and in that way get 'authenticated'. If it's windows devices you are working with, I would instead recommend you looking in to Connection Security Rules with windows firewall, where you can use AD Users/Groups to authenticate traffic. How to Turn Off MAC Filtering. Three Methods:Wireless Routers (Windows)Wireless Routers (OS X)Apple AirPort RoutersCommunity Q&A. MAC (Multimedia Access Control) addresses are unique sets of codes assigned to electronic devices that identify the devices on a network. MAC filters work by either allowing or denying only specific MAC addresses. MCT| MCSE: Private Cloud/Server, Desktop Infrastructure. Most organizations make end user services like webmail and so on available directly from the internet (over ssl of course). But when it comes to remote access for administration that I am guessing you want to achieve, most organisations use some kind of VPN(virtual private network)-solution and depending on their security demands they have one or more factors of authentication required to gain access. You may have this functionality in your firewall and if not, Windows Server comes with several remote access solutions included (DirectAccess and different kinds of VPN.) Read more about setting that up on for example and With a VPN connection active your client will be in your 'internal' network and be able to access those resources like your were in the office (applies to most services.) Hope this gives you some help on your way! MCT| MCSE: Private Cloud/Server, Desktop Infrastructure. Hi, First, unfortunately it's not possible to do authentication by mac-address in windows firewall. Secondly, 'authentication' with a mac-address can sound like a smart idea at first look but for two reasons it's not as good as you might think 1. A server (or a device) only knows the mac-addresses of devices in the same broadcast domain they reside in themselves, that means you can only filter on devices in the same subnets. Since it's not possible with Windows Firewall, the way you sort of like could achieve this is with static arp entries (you hard code a specific ip address to a specific mac-address as in my example below). However not something i would recommend you doing.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
March 2019
Categories |