Great news! The Free Tier is back and accepting new users.

Learn how to get started
Open Markdown

How to block specific devices on UniFi networks easily

Sometimes a device just shouldn’t be on your network. Maybe it’s a rogue printer, someone’s smart toaster, or a random laptop that popped up out of nowhere. Whatever the reason, if you’re using UniFi, blocking a specific device from your network is straightforward. You don’t need to be a networking wizard to do it either.

Let's go !!

Before we dive in, please don't self-host your UniFi Controller if you take care of client networks. Sooner or later this will cause issues! It's fine for home users, but definitely not recommended for IT service businesses and MSPs. If you want secure, reliable and a scalable hosting solution check out UniHosted.

Why block devices in the first place?

Blocking devices comes up more than you’d think. Here’s when it’s usually useful:

  • Unrecognized devices are showing up on your network.
  • Someone’s hogging bandwidth, streaming Netflix in 4K all day.
  • You want to temporarily cut off a device without changing Wi-Fi passwords.
  • You’re running a public network and want to ban repeat offenders.

Whatever the case, UniFi makes it easy to take control.

Step 1: Log into your UniFi Controller

First, log into your UniFi Controller. Whether you're using a Cloud Key, Dream Machine, or UniHosted (our hosted UniFi Controller service), it's the same process.

Open your browser and go to your UniFi dashboard. If you're with us, that might look like:

bash
https://yourdomain.unihosted.cloud

Enter your login credentials and head to the UniFi Network application.

Step 2: Go to the ‘Clients’ section

Once you’re in UniFi Network, look for Clients in the left-hand menu. This page shows every device currently connected to your network.

You can sort or filter by wireless, wired, online, or offline devices. You’ll see:

  • Hostnames (sometimes helpful, sometimes just gibberish)
  • MAC addresses
  • IP addresses
  • Connection type (Wi-Fi or Ethernet)
  • Activity (how much data they’re using)

Find the device you want to block from this list.

Step 3: Identify the device

Sometimes this part takes a little digging. If your coworker complains their phone got cut off, you’ll know you hit the wrong device.

Tips for identifying the right device:

  • Check the device name (sometimes phones show up as “John’s iPhone”).
  • Look at the MAC address printed on the device or found in its network settings.
  • Check data usage or last connected time, useful if the device is idle or hiding.
  • Tag devices you recognize so they don’t get blocked by mistake.

Once you’re sure about the device, click on it to open its details panel.

Step 4: Block the device

Here’s where the magic happens. In the device panel, look for the “Block” button. It’s typically at the bottom of the panel.

Click Block.

That’s it. The device is now denied access to your network. It won’t be able to get an IP address or talk to any other devices. If it tries to reconnect, it’ll fail silently.

You’ll see its status update to “Blocked” right away.

Step 5: (Optional) Forget the device

Blocking keeps the device on the client list in case you want to unblock it later. But if you want to wipe it completely, click Forget instead.

Be careful: this removes all history for that device. If you block it later again, you’ll have to re-identify it.

What happens when you block a device?

Here’s what goes down under the hood:

  • The UniFi Controller tells your access points and switches to deny traffic from that MAC address.
  • The blocked device gets dropped from the network, even if it tries to reconnect.
  • The DHCP server won’t issue it an IP.
  • It’s cut off from LAN and WAN access (local and internet).

In short: it’s locked out.

Blocking devices at different levels

Sometimes you want more control than just clicking “Block.” Let’s break down your options.

1. Firewall rules (more advanced)

You can block traffic from specific IPs or MAC addresses using custom firewall rules.

Go to:

Settings > Firewall & Security > Rules

Create a new rule that blocks traffic from the device’s IP or MAC address. This is useful if you want to:

  • Block a device from the internet but still allow LAN access
  • Block it during certain hours (combine with schedules)
  • Log attempts or trigger alerts

2. Wi-Fi MAC filtering

Want to block a device from connecting to a specific Wi-Fi network? Use MAC filtering.

Go to:

Settings > Wi-Fi > [Your SSID] > Advanced

Scroll to the MAC Filtering section. Here, you can create an allowlist (only certain devices connect) or a denylist (block specific devices).

It’s more rigid but good for guest networks or secure access points.

3. VLAN isolation

Instead of outright blocking, you can isolate devices to a separate VLAN with no internet access.

This is perfect for unknown devices that need network access but shouldn’t talk to anything else. For example, you can shove random IoT devices onto a restricted VLAN.

To do this:

  • Create a new VLAN under Settings > Networks
  • Set it with no WAN access
  • Assign the VLAN to a specific port or SSID

Now any device on that VLAN can’t go anywhere.

Unblocking a device

Need to reverse course? Maybe someone got blocked by accident.

Head back to the Clients list. Find the blocked device and click into it. Hit Unblock and it’ll be allowed back in. The device might need to rejoin the Wi-Fi manually, but otherwise, that’s it.

Best practices

Here’s how to stay organized and avoid chaos:

  • Tag or name devices you recognize. Makes it easier to spot intruders.
  • Use user groups to manage speed limits or bandwidth per user.
  • Create alerts for new devices joining the network (Settings > Notifications).
  • Set up guest Wi-Fi with its own VLAN to isolate temporary users.
  • Regularly audit your Clients list, especially on larger networks.

Common scenarios and how to handle them

Someone's kid is gaming nonstop

You don’t need to block the device entirely. Just create a user group and limit its bandwidth.

Go to:

Settings > User Groups > Create New Group

Set upload and download limits. Then assign the device to that group under Clients.

A new device shows up at 2AM

Red flag. You can block it instantly from the Clients panel. Then do a sweep, check your Wi-Fi password, guest SSIDs, and VLAN access.

The office smart TV keeps phoning home

Isolate it on a VLAN with no internet access. It’ll still be accessible for casting locally, but won’t send data out.

You want to kill Wi-Fi for your kid’s tablet after bedtime

Create a firewall rule based on MAC address and time schedule. Done.

final thoughts

Controlling who’s allowed on your network, and who isn’t, shouldn’t be a hassle. With UniFi, blocking specific devices takes just a few clicks, but there’s also a lot of room to get creative if you want finer control.

Whether it’s for speed, security, or sanity, knowing how to manage connected devices gives you full ownership over your setup.

And if you're hosting your UniFi Controller with us at UniHosted, all of this is even easier. We handle updates, backups, and give you reliable remote access to your controller 24/7. You get all the power of UniFi, without the maintenance headaches.

Try Unihosted free with up to 5 devices and take back control of your network, on your terms.