Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
313
Views
0
Helpful
0
Replies

Cisco ASA5506: can I prevent outgoing traffic for a host for which I do not know the IP address upfront

TomF
Level 1
Level 1

‎06-26-2020 08:03 AM

Hi,

 

we are trying to get the following scenario to work.

 

- ASA5506 in transparent mode (L2 filtering)

- on the inside zone we have a switch with several hosts connected to that switch

- the hosts get an IP address from a DHCP server which is not under our control

- we want to restrict certain machines on the inside from going to the outside zone 

 

As we do not know the IP addresses up front we thought we can use MAC addresses based filtering to block the traffic.

Filtering on MAC address does not seem to be possible on the ASA5506. 

 

Is there a different way to do this?

 

Regards,

TF

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents