Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
380
Views
0
Helpful
1
Replies

871W + mac address security

r.drummond
Level 1
Level 1

‎02-23-2006 12:58 PM - edited ‎03-03-2019 11:50 AM

i have a cisco 871w with two ssids configured. one for my private network, and one for the guest network. is there a way i can keep wireless clients from associating with the ssid for the private network? if your mac isn't specified in one of the ACLS, i don't want the client to have the ability to associate. i have tried:

bridge-group 1 input-access-list <mac address acl number> and it seems that the clients can stil associate with the private network. they may not be able to get anywhere, but i don't want them to even associate with it.

thanks in advance

-Rob

Labels:
0 Helpful
1 Reply 1

arvindchari
Level 3
Level 3

‎02-24-2006 08:28 PM

Cos of the way 802.11 is designed, there is no way to use MAC filtering the way we could in an ethernet network.

What you could try is to disable SSID broadcasting on the router, that way, the accesspoint / router would stop sending out broadcasts and only clients who knew the ssid and wep keys would be able to associate with the network.

Please note that for any person with a compliant card and software like airodump, it would still be possible to "listen" in to the ssid using the software and associate with the AP if he knows what the WPA / WEP keys are. Later, he could spoof his mac address using software like smac and logon to your wireless networs as the frames are most likely not encrypted

Disabling SSID broadcast however, would deter the casual user from associating as the network would not show up in a normal winxp based scan for wireless networks.

0 Helpful
Customers Also Viewed These Support Documents