Add MAC Firewall Policy Rules

Before you begin

About this task

MAC firewall policy rules determine how the device manages traffic based on source and destination IP addresses, and the actions (permit or deny) the device can take. When the policy contains multiple rules, the order of the rules affects how they are applied. Use this task to create a new rule.

Procedure

  1. Select the add icon.
  2. For Source MAC, select Any, an existing MAC OUI or the plus sign.
    If you choose to add a new Source MAC, select MAC Address or MAC OUI and perform the following:
    1. Enter a new name.
    2. Enter the MAC Address or MAC OUI.
  3. For Destination MAC, select ANY, an existing MAC OUI or the plus sign.
    If you choose to add a new Source MAC, select MAC Address or MA OUI and do the following:
    1. Enter a new name.
    2. Enter the MAC Address or MAC OUI.
  4. Select the action the device performs when it receives traffic matching the source address-destination address-service.
    The firewall can perform the following actions:
    • Permit: Allows traffic to traverse its firewall.
    • Deny: Blocks traffic from traversing its firewall.
  5. Choose one of the following logging options from the drop-down list:
    • Off: Disable logging for packets and sessions that match the MAC firewall policy rule.
    • Session Initiation: Log session details about a session created after passing a MAC firewall policy lookup.
    • Session Termination: Log session details about a session matching a MAC firewall policy termination.
    • Both: Log session details after initiating and terminating a session.
  6. Select Save.

What to do next

As you continue to add rules to a policy, each new rule is positioned at the bottom of the list. Use the up and down arrows in the rules table to rearrange the position of rules to determine their application order.