Is it possible to setup something on the MX (we have MX64s and Z3) where anything except for the computer with a specific MAC address won't be able to do anything when plugged in to the VPN box? I would suspect this would be a basic security feature. That or is it something that has to be done on our MX100's?
I found a fair number of articles, but most were about IP blocking, not MAC address. If it can be done, is there documentation somewhere that shows the steps in the Meraki dashboard on how to do this?
I can’t think of a document that shows how to do this, or whether you can do this with an MX. The closest I think you’ll be able to get it to configure Layer 3 firewalls to deny everything, then create a Group Policy to override the defaults and apply it to the client(s) you want to have access - the Group Policy is associated with the MAC address. It’s not going to be perfect, but should be a start.
@KarstenI Not as easily as it used to be, but yes I am aware of that. This is more so for people that go ooh I have a hub now, let me just plug in to this with my personal laptop and get on the internet.
Wonder why this isn't something you can just do in the firewall rules where you can just say I want to allow these MAC addresses and nothing more, and not have to go through the process that @Bruce posted.