Jump to content
Welcome to our new Citrix community!

Filter access based on mac address

Recommended Posts



I was trying to perform EPA scan to allow access only to specified mac address

I have used the following document https://support.citrix.com/article/CTX118871


but the Policy doesnt seem to work. I have tried to change the mac address to XX:XX:XX:XX:XX:XX as specified in many forums but yet there is no access. Is there any recommendations ?

Link to comment
Share on other sites

What expression did you use and which feature?

For responder policy and advanced engine it is usually:  client.ether.srcmac  Use the expression builder but it should take mac address with ":" separators:  example:  CLIENT.ETHER.SRCMAC.EQ(00:0b:2b:0c:75:12)


For gateway or classic engine policies (if the advanced engine) can't be used, use the "expression builder" and select "network" instead of "general"  and then ether.srcmac (or variant) should be possible: REQ.ETHER.SOURCEMAC

  • Like 1
Link to comment
Share on other sites

  • 2 weeks later...
On 5/25/2020 at 7:38 AM, Marion Bauer1709159214 said:

Have you tried a nstrace? Cause I am afraid the MAC Address of the Client - if it is not within the same subnet - will not be included in the TCP/IP Packet.


This is an important remark, the MAC address will not reflect the client MAC if the client and the Citrix ADC vserver are not in the same subnet.

Link to comment
Share on other sites

  • 2 years later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...