Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1275
Views
0
Helpful
8
Replies

Bypass Mac Filter

Go to solution
Linkeichi
Level 1
Level 1

‎05-15-2015 08:14 AM - edited ‎03-10-2019 06:22 AM

I have this network.

 

How can i block the Internet traffic to the smarphones devices but not the traffic of the laptop?

Cause they are bypassing the Mac filter, due that his packets are encapsulated with the MAC of the netbook.

There is a way that forces the Switch or the router to read the packets and find that the destiny MAC is another one, and is not in the approved MAC Table?

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions
8 Replies 8

Go to solution
Karsten Iwen
VIP
VIP

‎05-15-2015 08:31 AM

There are several ways, but not on the switch-level. For example:

  1. MDM for the Laptops that turns off tethering for smartphones
  2. MDM for smartphones that turns off tethering to non-authorized systems
  3. Firewalls that recognize the OS of the requesting devide
0 Helpful

Go to solution
Linkeichi
Level 1
Level 1
In response to Karsten Iwen

‎05-15-2015 08:40 AM

And any suggestion of a Router level commands?

 

 

0 Helpful

Go to solution
Karsten Iwen
VIP
VIP
In response to Linkeichi

‎05-15-2015 09:03 AM

no, also not for the router.

0 Helpful

Go to solution
Linkeichi
Level 1
Level 1
In response to Karsten Iwen

‎05-15-2015 06:43 PM

Then we can call a Win from the workers of the company if the IT department doesn't have a Firewall?, Cause that is what happen here!! the workers bypass with their tablets, Smartphones even their notebooks connected to that hotspot of the permitted MAC.

One question more, there is some Router that has a integrated Firewall, from the Cisco Solutions?

I saw here a 4600 or 4500, I want to get in TI and this contribution will help me to gain points.

0 Helpful

Go to solution
Karsten Iwen
VIP
VIP
In response to Linkeichi

‎05-15-2015 11:10 PM

You should only call it a Win for the workers if there were any protection mechanisms. But MAC based filters are so weak and easily avoidable that they can't really be considered a protection mechanism.

For Firewalling, you need something that does next-generation firewalling. The firewall embedded in IOS is not enough.

0 Helpful

Go to solution
Linkeichi
Level 1
Level 1
In response to Karsten Iwen

‎05-16-2015 06:06 AM

Then i'll suggest a next-gen firewall.

Any recommendation from Cisco one my friend?

0 Helpful

Go to solution
Karsten Iwen
VIP
VIP
In response to Linkeichi

‎05-16-2015 06:39 AM

There are two options from Cisco:

 

0 Helpful

Go to solution
Linkeichi
Level 1
Level 1
In response to Karsten Iwen

‎05-16-2015 06:59 AM

Thank you, i appreciate so much your tracking.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card