Mac Filter - Create allowlists and blocklists using MAC Addresses
MAC Address Filtering: Allow and Block Lists
Overview
MAC Address Filtering allows you to control network access by creating allowlists or blocklists for specific devices on your VLANs. This feature gives you granular control over which devices can connect to your network infrastructure.
Understanding Allow vs Block Lists
Allow Lists (Whitelist)
An Allow list operates on a least privilege security model. When you configure an Allow list for a VLAN:
- Only MAC addresses explicitly added to the Allow list can access that VLAN
- All other MAC addresses are automatically denied access
- This is the most secure option for sensitive networks or VLANs requiring strict access control
Use Case Example: Guest WiFi VLAN where you only want pre-approved devices to connect.
Block Lists (Blacklist)
A Block list operates on a permissive model with exceptions. When you configure a Block list for a VLAN:
- All MAC addresses can access the VLAN except those on the Block list
- Only specifically blocked addresses are denied access
- This is useful when you need to restrict specific problematic devices while keeping the network open
Use Case Example: General office network where you need to prevent a compromised or problematic device from connecting.
Creating MAC Address Filters
- Navigate to Portal > Devices
- Click Mac Filter in the top right corner of the page
- Enter the following information:
- MAC Address: The hardware address of the device (format: XX:XX:XX:XX:XX:XX)
- VLAN: The VLAN number where this filter will apply
- Filter Type: Choose either Allow or Block
- Click OK to create the filter
Important Notes
- MAC filters are applied per VLAN - each VLAN can have its own independent Allow or Block list
- You cannot mix Allow and Block lists on the same VLAN - choose one approach per VLAN
- When using an Allow list, remember that no devices will connect until you add their MAC addresses
- MAC addresses can be found on device labels, in network settings, or in DHCP lease tables
Related Articles
Domain Filtering Configuration Guide
Domain Filtering Configuration Guide Enabling Domain Filtering will increase your monthly invoice. The Domain Filtering feature is part of our Advanced Firewall which includes Threat Analysis, Country Blocking, and Domain Filtering for a single ...Country Blocking - Configuration, Bad Actors List
Setup: Country Blocking is in your Portal > Firewall > Countries United States and Canada Only NOTE: We do not recommend setting Rule: Accept traffic from United States / Canada. In this configuration your clients will not be able to use services ...LAN Subnet and DHCP Server Configuration
Manage the DHCP Sever on on the Uplevel Gateway Map Mac Addresses to IP Addresses in the DHCP PoolUsing LTE / Mobile Network Modem As Primary or Backup / Failover Connections
Choosing Hardware: Since the Uplevel Unbox provides Wi-Fi and firewall capabilities, we recommend using a single-purpose modem, which simplifies configuration and reduces the solution cost. In this document, for our examples we use the Netgear 4G LTE ...Creating Accounts in the Uplevel Portal
Types of accounts In your Profile > Settings > Other Accounts tab you can create two types of accounts: Admin - Can create new accounts Tech - Can not create new accounts Create accounts Profile > Settings > Other Accounts tab