Allow in with Mac address

Comodo Internet Security - CIS Firewall Help - CIS
#1

Hi,
I got a problem. I made a network zone, and add an IP address (my static IP), and the firewall work perfectly, but when I use my MAC address I can’t go in… :frowning: What Im do wrong?
(added zone in global rules and the predefinied policies)

thnx

#2

Welcome

Can you provide some more details about what it is you’re trying to do. Maybe posting screenshots of your network zone and Global/Application rules would help.

#3

As You see (I hope) I create Network zone and I add IP (now is a fake address), and after create access controls…

So, I want to change the IP address with MAC address in Network zone (Ill change it, but then dont work, the enter is blocked…)

[attachment deleted by admin]

#4

Apologies, I’m still not completely clear on what you’re trying to achieve. As I understand, you want to allow connections through the firewall, by MAC address?

Questions:

  1. Is there a specific application for which these connections are destined?
  2. Do you want the connections both inbound and outbound?
  3. Are the PCs from which the connections will be sent/received on the same Network
  4. If the connection is from a single PC, why not simply create a rule without using a zone?
#5

Yes, I want to allow connections through the firewall, by MAC address.

  1. There is a php program running on server (on apache server), so need to users enter on port 80, and for ftp, but only few users with own static IP addresses so I want to use with Mac address. I try now entering My Mac address… but dont work.
  2. Yes, with in and out.
  3. Yes
  4. Not single PC.

Few people will connect on server via Firefox, or via ftp client and copy files (in and out). Because they have a Laptops or notebooks (without static IP), I want to enter they Mac addresses for a connections

#6

I don’t think you’re going to be able to do what you want using MAC addresses, as the rule you create would need to contain the MAC addresses of the PC’s making the connection to you. This might be feasible if all the PCs were on the same local network - even then, creating specific MAC based rules wouldn’t be pretty - but when you attempt to something similar with connections originating from the Internet, you won’t be seeing the users MAC address, what you will see, is the MAC address of the last router the packet passed through.

Also, bear in mind, whatever you decide to do, in addition to any Global rules you create, you’ll also need an application rule for Apache httpd.exe to receive the connections.