cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3393
Views
0
Helpful
1
Replies

CISCO 2504 WLC MAC filter list

mazsola100
Level 1
Level 1

Hello!

 

We have cisco aironet 1600series APs and a 2504 WLC.

I wanted MAC based filter on the 2504 WLC

On the APs i managed this in the service and mac filter option. This was so easy to manage but i have to add the trusted mac address to all other APs.

We bought this WLC and i didnt find this option on this device.

How can i do this to easily manage the WLC MAC filter list like on the Aironet?

 

 

1 Accepted Solution

Accepted Solutions

Configuring MAC Filtering for WLANs

Restrictions for MAC Filtering
•    MAC filtering cannot be configured for Guest LANs.
•    Central Authentication and Switching—MAC authentication takes priority over MAC filtering if an external RADIUS is configured for the WLAN.
•    Local Authentication and Switching—MAC authentication does not work if MAC filtering is not supported on local authentication.
•    Interface mapping and profile precedence—MAC filtering for the WLAN set to any WLAN/Interface requires a mandatory profile name, followed by the interface name for the traffic to work properly.

Information About MAC Filtering of WLANs

When you use MAC filtering for client or administrator authorization, you need to enable it at the WLAN level first. If you plan to use local MAC address filtering for any WLAN, use the commands in this section to configure MAC filtering for a WLAN.

Enabling MAC Filtering

Use these commands to enable MAC filtering on a WLAN:
•    Enable MAC filtering by entering the config wlan mac-filtering enable wlan_id command.
•    Verify that you have MAC filtering enabled for the WLAN by entering the show wlan command.

When you enable MAC filtering, only the MAC addresses that you add to the WLAN are allowed to join the WLAN. MAC addresses that have not been added are not allowed to join the WLAN.

When a client tries to associate to a WLAN for the first time, the client gets authenticated with its MAC address from AAA server. If the authentication is successful, the client gets an IP address from DHCP server, and then the client is connected to the WLAN.

When the client roams or sends association request to the same AP or different AP and is still connected to WLAN, the client is not authenticated again to AAA server.

If the client is not connected to WLAN, then the client has to get authenticated from the AAA server.

For the Configuration example please go through the below link

http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/91901-mac-filters-wlcs-config.html

Please refer the similar community also for better understand

https://supportforums.cisco.com/discussion/11659271/mac-filter-fields-wlc

View solution in original post

1 Reply 1

Configuring MAC Filtering for WLANs

Restrictions for MAC Filtering
•    MAC filtering cannot be configured for Guest LANs.
•    Central Authentication and Switching—MAC authentication takes priority over MAC filtering if an external RADIUS is configured for the WLAN.
•    Local Authentication and Switching—MAC authentication does not work if MAC filtering is not supported on local authentication.
•    Interface mapping and profile precedence—MAC filtering for the WLAN set to any WLAN/Interface requires a mandatory profile name, followed by the interface name for the traffic to work properly.

Information About MAC Filtering of WLANs

When you use MAC filtering for client or administrator authorization, you need to enable it at the WLAN level first. If you plan to use local MAC address filtering for any WLAN, use the commands in this section to configure MAC filtering for a WLAN.

Enabling MAC Filtering

Use these commands to enable MAC filtering on a WLAN:
•    Enable MAC filtering by entering the config wlan mac-filtering enable wlan_id command.
•    Verify that you have MAC filtering enabled for the WLAN by entering the show wlan command.

When you enable MAC filtering, only the MAC addresses that you add to the WLAN are allowed to join the WLAN. MAC addresses that have not been added are not allowed to join the WLAN.

When a client tries to associate to a WLAN for the first time, the client gets authenticated with its MAC address from AAA server. If the authentication is successful, the client gets an IP address from DHCP server, and then the client is connected to the WLAN.

When the client roams or sends association request to the same AP or different AP and is still connected to WLAN, the client is not authenticated again to AAA server.

If the client is not connected to WLAN, then the client has to get authenticated from the AAA server.

For the Configuration example please go through the below link

http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/91901-mac-filters-wlcs-config.html

Please refer the similar community also for better understand

https://supportforums.cisco.com/discussion/11659271/mac-filter-fields-wlc

Review Cisco Networking for a $25 gift card