Creating firewall rules based on source MAC addresses in Sophos UTM

  • Article ID: 119167
  • Rating:
  • 18 customers rated this article 3.6 out of 6
  • Updated: 25 Jun 2015

With the release of Sophos UTM version 9.1, you can now create firewall rules based on source MAC (media access control) addresses.

This functionality provides stricter security as it prevents users from setting a static IP address and potentially gaining access to filters based on that IP address.

Known to apply to the following Sophos product(s) and version(s)
Sophos UTM

Operating systems
UTM 9.1 or higher

What To Do

  1. Open the Sophos UTM WebAdmin interface and login.
  2. Go to the 'Definition & Users' | 'Network Definitions' | 'MAC Address Definitions' tab.
  3. Create the MAC address list object.

  4. Go to the 'Network Protection' | 'Firewall' | 'Rules' tab.
  5. Create the rule as usual by choosing sources, services and destinations.  'Action' can be either "Allow", "Drop" or "Reject".
  6. Expand the 'Advanced' section and select from the 'Source MAC Addresses' field your MAC list definition.

    This configures the rule so that it only applies to the hosts with the MAC address from that list.

If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent