cancel
Showing results for 
Search instead for 
Did you mean: 
rajjesh
Level 9

Need to create a rule based upon client hardware address (Mac Address)

HI,

One of our customers is using DHCP.  The customer wants to bypass authentication for one of its internal host. We have authentication rule set in placed. To achieve the requirement we created bypass rule with client.ip property at top of all other rulesets, also above the authentication ruleset.

However since the network is using DHCP, we have manually change the IP value in the ruleset, whenever the IP of the system changes.

We now want to set similar kind of rule based upon the hardware address instead of IP.

Please help out on this !!!!

0 Kudos
4 Replies
McAfee Employee

Re: Need to create a rule based upon client hardware address (Mac Address)

Web gateway is not privvy to this information in most cases. It may be available if the user was on the same network as the MWG (that way it could see the MAC), but the Web gateway does not have a property for this.

Best,

Jon

0 Kudos
rajjesh
Level 9

Re: Need to create a rule based upon client hardware address (Mac Address)

Hello Jon,

Can we have any workaround to oversome this situation ????

0 Kudos
andyclements
Level 12

Re: Need to create a rule based upon client hardware address (Mac Address)

As you are using DHCP, you could put in a fixed entry for that specific host.  That would be the easiest and most robust option.

Another option would be to have some external tool parse the DHCP server's clients list and report the IP assigned to that MAC address.  This would have to be done with the external lists feature.  I don't see it being very easy though, and could easilly break at any point in the future if any of the external pieces changes.

0 Kudos
rajjesh
Level 9

Re: Need to create a rule based upon client hardware address (Mac Address)

Hi all,

Thanks for ur response.

We have gone for the first solution i.e a fixed entry for that specific host. This fullfills the need.

0 Kudos