Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
965
Views
0
Helpful
7
Replies

Cisco Autonomus 1131AG With Authentication PSK + Mac Filtering

Go to solution
Alejandro Alcantara
Level 1
Level 1

‎11-01-2017 08:02 AM - edited ‎07-05-2021 07:47 AM

Hello Experts.

I'm working with two 1131AG Aironet APs Autonomus, right now I have just one SSID with WPA2-PSK authentication method and everything is working fine, but my client asked for add mac filtering authentication,

I'm not sure if this AP can do it by itself and I'm not sure how to configure it.

I read this post and I saw it is using an authentication server.

Anyone know something about it?

Thanks in advance

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Flavio Miranda
VIP
VIP
In response to Alejandro Alcantara

‎11-01-2017 04:51 PM

Unfortunately is not possible:

"

Note The list is global. A MAC address defined in the list will be authorized to join any SSID where MAC address authentication is enabled. If you want to use different lists of MAC addresses for different SSIDs on the AP, you must use an external RADIUS server.

 "
 
-If I helped you somehow, please, rate it as useful.-

View solution in original post

0 Helpful
7 Replies 7

Go to solution
Flavio Miranda
VIP
VIP

‎11-01-2017 09:17 AM

Hi,

 

Have you tried this?

 

access-list 701 deny  0000.0000.0000

Config terminal
dot11 association mac-list 701
end

 

-If I helped you somehow, please, rate it as useful.-

 

0 Helpful

Go to solution
Alejandro Alcantara
Level 1
Level 1
In response to Flavio Miranda

‎11-01-2017 10:15 AM

Never... :(

0 Helpful

Go to solution
Alejandro Alcantara
Level 1
Level 1
In response to Flavio Miranda

‎11-01-2017 11:04 AM

Hi Flavio.

I look for you comment so.. if I get it right I can do it in this way...

 

access-list 701 permit 0016.6f38.5a75   0000.0000.0000
access-list 701 permit 0016.6f47.2f5a   0000.0000.0000
access-list 701 permit 0016.6f72.8730   0000.0000.0000
access-list 701 permit 0016.6f6b.c156   0000.0000.0000

access-list 701 deny   0000.0000.0000   ffff.ffff.ffff

Config terminal
dot11 association mac-list 701
end

 

Is that correct?

 

0 Helpful

Go to solution
Flavio Miranda
VIP
VIP
In response to Alejandro Alcantara

‎11-01-2017 11:20 AM

Yeah, this should work!

 

 

 

 

 

 

-If I helped you somehow, please, rate it as useful.-

0 Helpful

Go to solution
Alejandro Alcantara
Level 1
Level 1
In response to Flavio Miranda

‎11-01-2017 04:28 PM

Thanks Flavio.
It works, but right now I have another question.
The ACL is applied to the Radio interface, this solution can be apply for SSID?
I was wondering... If I have subinterfaces per SSID I can apply it in each one?
0 Helpful

Go to solution
Flavio Miranda
VIP
VIP
In response to Alejandro Alcantara

‎11-01-2017 04:51 PM

Unfortunately is not possible:

"

Note The list is global. A MAC address defined in the list will be authorized to join any SSID where MAC address authentication is enabled. If you want to use different lists of MAC addresses for different SSIDs on the AP, you must use an external RADIUS server.

 "
 
-If I helped you somehow, please, rate it as useful.-
0 Helpful

Go to solution
Alejandro Alcantara
Level 1
Level 1
In response to Flavio Miranda

‎11-01-2017 04:58 PM

Thanks Flavio :)
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card