Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
802
Views
0
Helpful
1
Replies

Filter rules by MAC on ASA 5506?

cknowlton
Level 1
Level 1

‎11-05-2021 12:26 PM

Hello! 

 

I have a client with an ASA 5506 and next week they have an employee taking their IP phone home to setup working from home. As far as I know right now, till we get more info on the home network, it's DHCP for the public IP, not static. 

 

I need to allow traffic to the public IP inbound at the office to certain ports for the phone to register, connect to the phone system, etc. Trying to find out, is it possible to allow the user's modem's MAC address in the rules? I don't see that option but trying to avoid opening up rules to the public if I don't have a static IP at the employee's house where the phone will be setup. 

 

thanks!!

0 Helpful
1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

‎11-05-2021 12:51 PM

The MAC address is only locally significant and does not generally convey across the WAN.

Typically we have remote "Sites" such as this establish a site-site VPN over which corporate traffic is carried. You can do that with remote site having a dynamically assigned IP address but, if there are multiple ones, each would require a unique internal address space. Historically we also did this with AnyConnect phone setup but that's mostly been deprecated these days.

The other option that's much more commonly used these days is using a VoIP solution like WebEx calling to an Expressway CUCM server at the corporate office end.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card