Time
1 hour 35 minutes
Difficulty
Beginner

Video Description

In this video, you will learn how to add device definitions to your FortiGate using Media Access Control addresses, or MAC addresses. These definitions form a whitelist that allows you to control the devices that can access your wireless network. MAC address identification also allows you to assign a reserved IP for exclusive use of a device when it connects to the wireless network.

Video Transcription

00:00
In this video, you will learn how to add device definitions to your Forte gate, using media access control addresses or Mac addresses.
00:09
Thes definitions. Formal white list that allow you to control the devices that can access your wireless network.
00:15
Each network device has a unique Mac address added by the manufacturer. This makes them a handy way to identify a device and in this example will identify an iPhone
00:28
Mac address. Identification also allows you to assign a reserved I p for exclusive use of a device when it connects to the wireless network,
00:37
even though Mac address filtering isn't foolproof. To get around this configuration, a malicious hacker would have to guess an address on your Mac White list.
00:51
First, you will identify the unique Mac address of a device on your network
00:57
for Windows devices. Open the command prompt and type I p. Config. Slash All
01:04
this output shows the configuration information for all the network connections.
01:10
Look for information about the wireless adapter and note the physical address
01:15
for Mac OS X device is open, terminal and type the following.
01:23
Make sure to note the Mac address
01:27
for IOS devices.
01:30
Open settings.
01:33
General.
01:34
A boat device
01:37
and take note of the WiFi actress
01:42
for android devices,
01:47
Open settings,
01:52
a boat device
01:55
status
01:57
and take note of the WiFi Mac address.
02:06
Next, go to user and device
02:09
device device definitions and create a new device definition for an iPhone
02:16
set alias to iPhone.
02:21
Set Mac address to the physical address of the device and set the device type toe iPhone.
02:28
The new definitions will now appear in your device. Lis.
02:32
If device identification is enabled on the wireless interface device definitions will be created automatically.
02:39
Then you can use MAC addresses to identify which device a definition refers to.
02:50
Now go to user and device
02:53
device device groups and create a new group
02:59
named the Group WiFi Access and add the new device as a group member.
03:12
Next, go to system
03:15
network
03:17
interfaces and edit the wireless interface.
03:22
If the 48 p is in bridge mode, you will need to edit the internal interface
03:28
under D H C P Server. Go to advanced options.
03:32
Create a new entry in the Mac reservation and access control list.
03:39
Make sure you reserve an I P address within the D H. CP range of the device is Mac address.
03:53
Go to Policy and objects
03:55
policy. I pee before and create a new policy
04:00
set. Incoming interface to your wireless interface
04:08
source device to the device Group,
04:13
an outgoing interface to the Internet Facing interface.
04:20
Make sure that Nat is turned on
04:32
to check your results. Connect to the wireless network with a device that is a member of the device group.
04:41
You should be able to connect to the WiFi and browse the Internet.
04:46
Connection attempts from a device that is not part of the group will fail.
04:50
Go to system
04:53
40 view all session
04:57
and select now to view the current results.
05:01
Filter the results using the reserve source i p. And verify that it is being used exclusively by the wireless device.
05:11
Thank you for watching. If you need further details, you can visit docks dot fort net dot com to access our complete documentation library.
05:19
Also check out her new cookbooks, ate at cookbook dot Fortinet dot com.

Up Next