ban the users by hardware MAC of their devices

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
hadi
Posts: 3
Joined: Sat Feb 08, 2020 8:10 am

ban the users by hardware MAC of their devices

Post by hadi » Sat Feb 08, 2020 11:26 am

Hello guys,
I've just launched a softether vpn server and I'm a beginner on this. I wanted to know if there is a way to ban the users by the hardware MAC of their devices or not? assuming I know their MAC address.

sky59
Posts: 334
Joined: Tue Sep 11, 2018 5:58 pm

Re: ban the users by hardware MAC of their devices

Post by sky59 » Sat Feb 08, 2020 2:15 pm

Your vpn will not see MAC as client may be behind a lot of routers

You can disable this only on router to which clients connect

hadi
Posts: 3
Joined: Sat Feb 08, 2020 8:10 am

Re: ban the users by hardware MAC of their devices

Post by hadi » Sun Feb 09, 2020 8:45 am

Thank you for replying.
But I can see the mac of my devices correctly in mac address table. I'm 20000 kilometers away from my VPN server. assuming we can see the mac correctly, is there a way to ban the users?

sky59
Posts: 334
Joined: Tue Sep 11, 2018 5:58 pm

Re: ban the users by hardware MAC of their devices

Post by sky59 » Sun Feb 09, 2020 8:06 pm

Now I also remember to see somewhere MAC addresses in SE manager....

But I used at that time only local network.

I have to check if MAC gets transported by TCPIP protocol going outside LAN

But anyway, I would not recommend focus on this as changing MAC address is trivial.

In Linux with "macchange" command. I remember I had also some code for windows xp buy not
remember name.

sky59
Posts: 334
Joined: Tue Sep 11, 2018 5:58 pm

Re: ban the users by hardware MAC of their devices

Post by sky59 » Mon Feb 10, 2020 8:57 am

I checked it with my fried:

if you use SE vpn Layer2 and all devices are in the same subnet /24 then MAC addresses are even used for communication

if you use Layer3 then clients are behind many routers and it is not guaranteed that router will not change MAC, very likely you wll see MAC address of the last router on the route to your vpn server

with the fact that canging MAC is the easiest thing in this world I do not recommend to spend time on this

hadi
Posts: 3
Joined: Sat Feb 08, 2020 8:10 am

Re: ban the users by hardware MAC of their devices

Post by hadi » Thu Feb 13, 2020 12:38 pm

Hello again,

I almost realized. Thank you for answering. :)

Post Reply