cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
452
Views
5
Helpful
7
Replies
Highlighted
Beginner

Cisco WLC - Find used mac address users

Using Cisco 5508 Wireless Controller. Users connect to the SSID by MAC-filtering. Over the period of years around 2000 Mac address has been added. 

Currently there could be only 300 to 400 active users.

How to find list of MAC address connected or not connected in the last 3,4 months.

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

From Report Launch on PI you have a client session report. 

You can collect for the past 3 months and check what mac addresses have been connected to that specific SSID. 

Saludos,
Rafael - TAC

View solution in original post

7 REPLIES 7
Highlighted
Cisco Employee

You will not be able to find this information on the WLC. You need another system such as DNAC or PI to track this information. 

Saludos,
Rafael - TAC
Highlighted

Thank you Rafael,

WLC is integrated with prime infrastructure. Any idea how to pull the data from PI?

 

 

Highlighted

From Report Launch on PI you have a client session report. 

You can collect for the past 3 months and check what mac addresses have been connected to that specific SSID. 

Saludos,
Rafael - TAC

View solution in original post

Highlighted

Thank You Rafael,

I generated report from PI, it included all wired clients too. Anyways I have opened a TAC ticket.

Highlighted

I would switch from that system, many modern operating systems have started to randomize the WLAN mac address. Some keep it the same, once you've successfully connected, but that is not guaranteed in the future.
Highlighted

Pat is right - iOS 14 on iPhone (currently in beta) changes the MAC address every 24 hours by default (can be disabled but user must do that manually). Other OS are likely to replicate this behaviour in future. After that MAC address as security will become meaningless and unmanageable so start preparing for that NOW (and we all know it's really not secure anyway because it's trivially easy to spoof the MAC address today). You should be using a secure method like 802.1x to authenticate your clients.
Highlighted

Thank you  rrudling,

Configurung 802.1x on every user mobile and laptops are not practical. Some other user friendly and easy-to-administer solution should come up.