Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
486
Views
0
Helpful
2
Replies

client filtered with mac filter shows up as assoc, blocked

bgardiner
Level 1
Level 1

‎01-30-2003 01:21 PM - edited ‎07-04-2021 08:29 AM

Using AP1200 with 12.01T code

Cisco documentation states that a client whose mac address is disallowed via a mac address filter will not be able to associate to the access point. I have tested this by allowing only one (out of two) MAC address and changing the default Unicast Address Filter setting to Disallowed. I consistently see the state in the association table as assoc, blocked, which to me means association was permited, but traffic is blocked.

The ACU screen on the client shows a continuous bounce between associated and not associated.

When I change the implementation of the MAC filter to disallow the MAC address, but the default Unicast Address Filter is set to allow, then it works as per the documentation.

Why do I see a difference in the Association Table? Both methods should serve the same end, should they not?

thanks much.

Labels:
0 Helpful
2 Replies 2

rsahney
Level 1
Level 1

‎01-30-2003 05:35 PM

Hi,

Point 1 - In 12.0 the ethernet advanced properties show blocking state when no clients are associated to the AP.

Point 2- Client devices with the blocked MAC Addresses cannot send or receive data thorugh the AP, but they might remain in the association table as unauthenticated client devices, these devices will disappear from the association table when the ap stops monitoring them or they get associated to some other AP.

0 Helpful

bgardiner
Level 1
Level 1
In response to rsahney

‎01-30-2003 07:07 PM

regarding your point 1 - the assoc, blocked is shown in the status column of the association table for the client device, not in the ethernet advances properties.

re: point 2 - the client status shows as assoc, which means they have already passed thru the authentication process. And the ACU shows associated status on the filtered client. Even after rebooting the AP, it still comes back the same way.

Thanks for the reply, but the question remains.....

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card