cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
94
Views
0
Helpful
5
Replies

Collect mac address smartphone automatically

giangle
Beginner
Beginner

Hi all,

I am using mac filtering in Cisco WLC 5520 to filter mac address of User's Smartphone but I have to do it manually one by one. Are there any solution to add mac address to WLC automatically. Or are there any solution to manage access to wifi.

Thanks

1 Accepted Solution

Accepted Solutions

Haydn Andrews
Collaborator
Collaborator

Agree with Balaji with using a RADIUS server.

What purpose are you trying to achieve, as most devices these days are using private mac addresses (Apple, Android, Windows) so the list would be ever growing.

The better way to do it would be utilising EAP authentication either via certificates or username and password.

Being smartphones if you want to restrict only the approved devices then EAP-TLS would be the way to go utilising a MDM solution for deploying the certificates.

You might be able to link the MDM solution with your RADIUS server if you have to do it via mac addresses to provide them to the RADIUS servers database and also ensure the real mac address is being utilised

*****Help out other by using the rating system and marking answered questions as "Answered"*****
*** Please rate helpful posts ***

View solution in original post

5 Replies 5

marce1000
VIP Mentor VIP Mentor
VIP Mentor

 

                  - What is the purpose allowing or denying (e.g.) ?

 M.

Just allow for users in company

balaji.bandi
VIP Guru VIP Guru
VIP Guru

best is use to use radius authenticaiton, where you can have known mac address list to be authentication and add to list.

or OUI based authentication example only iphones need to connect.

some information help you :

http://www.labminutes.com/wl0012_wlc_l2_security_mac_filtering

https://tayam-infra.net/configure-mac-filtering-on-wlc-gui-and-cui/

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

But you also collect mac address manually to add to list. Is it right ?

Haydn Andrews
Collaborator
Collaborator

Agree with Balaji with using a RADIUS server.

What purpose are you trying to achieve, as most devices these days are using private mac addresses (Apple, Android, Windows) so the list would be ever growing.

The better way to do it would be utilising EAP authentication either via certificates or username and password.

Being smartphones if you want to restrict only the approved devices then EAP-TLS would be the way to go utilising a MDM solution for deploying the certificates.

You might be able to link the MDM solution with your RADIUS server if you have to do it via mac addresses to provide them to the RADIUS servers database and also ensure the real mac address is being utilised

*****Help out other by using the rating system and marking answered questions as "Answered"*****
*** Please rate helpful posts ***
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers