06-05-2019 10:46 AM - edited 07-05-2021 10:31 AM
Hello All,
We have disabled WPA1 on all of our WLANs except for one. This one WLAN is for wireless printers only, and we have a bunch of old wireless printers that don't appear to have WPA2 as a security option.
We were thinking of possibly creating an ACL on the switch level that would only allow internal endpoints (*like PCs and Servers) to be allowed to talk to this Vlan.
Also, this SSID is a hidden network, not broadcasting its SSID.
Would doing something like that be helpful, or adding MAC Filtering, or anything along those lines..? Or is there no way to safely secure a wireless network that uses WPA1?
Thanks in Advance,
Matt
06-05-2019 11:09 AM
yes agree some clients not compatable with latest trends and they need to be part of network.
if you know all the list MAC address, then add them to list of MAC filter to protect more granular.
below guide help to setup one for the legacy printers and medical devices.
06-05-2019 12:43 PM
you can apply ACL at WLAN level on WLC itself.
06-07-2019 10:25 AM
06-08-2019 12:33 AM
06-10-2019 10:02 AM
Thanks for the reply Scott.
Yes, I agree. Someone can easily see an SSID that's not broadcasting with simple tools/Apps you can download, like Wi-Fi Analyzer.
I also understand that Mac Filtering can also be somewhat misleading to be considered a secure feature, in that someone could easily spoof a Mac Address of someone that's already connected...
Seems that the only decent option is to apply an ACL to that Vlan.
Thanks Again,
Matt
06-12-2019 07:14 AM
06-12-2019 03:00 PM
06-14-2019 12:04 AM
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: