You can enable access filters for this connection by checking the Enable access filters checkbox. This will allow you to set certain limitations, based on the IP and/or MAC address.
Each filter definition consists of pairs of filter name and filter descriptions. Pairs are delimited with a new line or using the ; character.
(allow_|deny_)(all|ip|mac) <filter description> [;(allow_|deny_)(ip|mac) <filter description 1> ...]
First part of the pair begins with allow_ or deny_ and is followed by ip or mac (applying IP or MAC filtering). The second part (filter_description) depends on the filtering type - either an IP address/subnet/... or a MAC address using the aa-bb-cc-dd-ee format.
When accessing a computer, its access rules are read from the top down and stop immediately when a rule is matched, whether it is allow or deny. If it gets to the bottom of the list, deny_all is implicitly used - i.e. if all the rules fail to match and it gets to the bottom of the list, access is denied. This means that you do not need to append deny_all to your list.
deny_ip 192.168.0.14 allow_ip 192.168.0.13/255.255.255.0 allow_mac 00-19-d1-06-c9
This will allow connections from any IP in the 192.168.0.* subnet except 192. coming from the 00-19-d1-06-c9 MAC address with any IP.
Important: IP and MAC addresses can be spoofed, so filters alone are not a substitute for a strong access password!
In this example we will deny the ip 192.168.0.14
The filter shows that the IP has been denied.
If you try to make a connection to this IP, ISL AlwaysOn will attempt to download but when it tries to access the client you receives this error message.