09-07-2018 01:18 AM - edited 07-05-2021 09:08 AM
Hi Guys,
On my environment, I want to block several client's MAC addresses. The goal is to prevent those clients to connect to any SSID that are being broadcasted by the WLC.
I did some research. An article said that, it is possible by inserting the MAC addresses to disabled clients list (Security -> Disabled Clients -> Manual Disable). But some other article said that it is possible by inserting the MAC addresses on CLI by issuing "config exclusionlist add 12:34:56:65:43:21" command.
My question is, which one of those two method that will work to prevent the client to connect to any SSID? Or maybe those two methods actually are the same thing?
And if I apply the config, will the AP go down for a while? Like when altering some element on an SSID.
I haven't tested any since my environment is operational 24/7 and I don't have any lab to test or some sort. I just don't want to make a mess by bringing the WiFi down since WiFi is our main connection and the availability of cables are minimal.
Thank you.
Solved! Go to Solution.
09-07-2018 01:23 AM - edited 09-07-2018 01:30 AM
Hi,
Information:
Client exclusion might be enabled or disabled on a per-WLAN basis. By default it is enabled with a timeout of 60 seconds.
My question is, which one of those two method that will work to prevent the client to connect to any SSID? Or maybe those two methods actually are the same thing?
You need to disable the clients by adding in the list.
And if I apply the config, will the AP go down for a while? Like when altering some element on an SSID.
no it will not impact to AP.
Info: us etheis command to disbale it: config config <MAC address> Name
Regards
Dont forget to rate helpful posts
09-07-2018 01:23 AM - edited 09-07-2018 01:30 AM
Hi,
Information:
Client exclusion might be enabled or disabled on a per-WLAN basis. By default it is enabled with a timeout of 60 seconds.
My question is, which one of those two method that will work to prevent the client to connect to any SSID? Or maybe those two methods actually are the same thing?
You need to disable the clients by adding in the list.
And if I apply the config, will the AP go down for a while? Like when altering some element on an SSID.
no it will not impact to AP.
Info: us etheis command to disbale it: config config <MAC address> Name
Regards
Dont forget to rate helpful posts
09-07-2018 04:55 AM
Hi Sandeep,
By adding on which list? On the CLI on or the GUI one? Or are those two refers to the same list?
And command that you're talking about, what is that for?
Thank you.
09-07-2018 05:48 AM
Disable via GUI and command I mentioned in above post are for same purpose.( To block the cliyto associate from any wlan)
Regards
Don't forget to rate helpful posts
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide