You can do it...but it's a poor idea.
You can get the user IP very easily:
string ip = Request.UserHostAddress;
And it's trivial to add a table you your DB which contains "banned" addresses.
But...that is going to cause more problems than it solves.
The first problem is that the IP address is not specific to a single device: it is the address of the router (or similar equipment) that connects the user device to the ISP and thus the internet - so for a company it's likely that all employees in the building will "share" the same IP address. (You can't access the internal-to-the-building IP address because that never leaves the router, and it is common to every LAN installation: nearly all of them use 192.168.x.x addresses internally. And you can't access the MAC address except in very specific circumstances which occur in a minute number of cases - and they wouldn't help because they aren't unique either, and are trivial to "spoof".
The second problem is that most users have a dynamic IP address - it is assigned by the ISP when the router connects to the broadband network - so banning it does nothing except annoy innocent users when they are assigned it later! And to get a new IP is generally simple: turn off your router and wait a short period defined by the ISP and you'll get a new one when you restart it.
I wouldn't do it. Instead, I'd block the username and send an email to the registered email address with a link to "unblock" it (which requires the valid password).
Submit an article or tip