How to configure MAC address filtering to prevent unauthorized network access on Huawei ONT
Huawei EchoLife ONT includes HG8010, HG8010H, HG8045, HG8045A, HG8240, HG8546M, HG8240T, HG8240W, HG8245C, HG8245, HG8245Q, HG8245T, HG8247H5, HG8247H, and router, etc.
By setting MAC address filtering, you can allow only your own device to access the network (whitelist), or do not allow unauthorized devices to access the network (blacklist), effectively preventing unauthorized network access. Huawei ONTs support MAC address filtering for wired and wireless networks. The following describes the two scenarios respectively.
MAC address filtering on wired networks:
(1) Click Advanced Configuration > Security Configuration tab, and choose MAC Address Filtering in the navigation tree on the left. In the pane on the right, after enabling MAC filter and selecting the filter mode, click New. On the dialog box that is displayed, configure the MAC filter rule for the PC to access the Internet.
(2)Click Apply.
The MAC address lists of PCs in the network are saved on the ONT. Configuring MAC filter rules enables the PCs that conform to the rules to access the Internet service or disables the PCs that do not conform to the rules to access the Internet service. A PC may have more than one IP address but a unique MAC address. Therefore, configuring MAC filter rules effectively controls the Internet service access rights of PCs in a LAN.
Parameters related to the MAC address filter:
| Parameter | Description |
| Enable MAC filter | Indicates whether to enable the MAC address filter function. |
| Filter mode | Indicates the MAC address filter rule of the blacklist or whitelist. · Blacklist: indicates that the data meeting the rule in the filter rule list is not allowed to pass. · Whitelist: indicates that the data meeting the rule in the filter rule list is allowed to pass. The filter mode is global config mode. Thus, the blacklist and whitelist modes cannot be used at the same time. |
| Source MAC address | Indicates the source MAC address in the MAC address filter rule. |
MAC address filtering on wireless networks:
(1) Click the Security tab, and choose WLAN MAC Filter Configuration from the navigation tree on the left. In the right pane, select Enable WAN MAC filter, set the filter mode, and click New. In the dialog box that is displayed, configure the SSID-based MAC address filter rule.
(2) Click Apply.
Parameters for wireless network MAC filtering:
| Parameter | Description |
| Enable WLAN MAC filter | Enables or disables the WLAN MAC filter function. |
| Filter mode | Indicates the MAC filter mode. It can be set to Blacklist or Whitelist. · Blacklist forbids data packets that match rules in the blacklist to pass through. · Whitelist: allows data packets that match rules in the whitelist to pass through. The blacklist or whitelist mode is a global configuration. The two modes cannot be used at the same time. |
| SSID index | Indicates the SSID index of the WLAN for which MAC address filtering is configured. |
| Source MAC address | Indicates the source MAC address in the MAC filter rules. |
