03-31-2024 09:35 PM
Hello All,
Currently, I am doing migration from 5508 to C9800 however, we have many mac filtering to access some ssid on 5508, how to move mac filtering to C9800 ?
Thank you,
03-31-2024 11:49 PM
- Add one mac address to the 9800 ; then look it up in the running config ; save the running config to an external server ; methodologies such as cut and paste may then allow you to add the rest of the mac addresses where needed ; then import the modified running configuration again into the 9800 ,
Ref : https://www.cisco.com/c/en/us/support/docs/wireless/catalyst-9800-series-wireless-controllers/213922-configure-mac-authentication-ssid-on-cis.html#toc-hId--795080180
M.
04-01-2024 08:23 AM
First you need to get the MAC filter database from your 5508.
Backup MAC database
>show macfilter summary -->to find which SSID's have MAC filtering enabled.
>show run-config commands --> Find the section that has your macfilter statements and copy them out to an Excel / note pad.
Example -
>show run-config commands
macfilter add XX:XX:XX:XX:XX:XX 0 management Test
Importing in 9800
Once you get MAC database, you can use the following C9800 CLI command syntax to configure MAC addresses to SSIDs.
Local RADIUS Server Configuration
!Configures an attribute list as FILTER_2
aaa attribute list FILTER_2
!Defines an attribute type that is to be added to an attribute list.
attribute type ssid "WLAN_2"
!Username with the MAC address is added to the filter
username 1122.3344.0001 mac aaa attribute list FILTER_2
!
aaa attribute list FILTER_1
attribute type ssid "WLAN_1"
username 112233440001 aaa attribute list FILTER_1
Or go to Configure --> Security --> AAA --> AAA Advanced --> Device Authentication and import the Excel sheet (CSV format) which has all MAC-addresses.
Note: Make sure to format the Excel sheet before importing
Note: In versions earlier than 17.3, the Web User Interface (UI) changed any MAC format you typed into the no separator format. In 17.3 and later, the Web UI respects whatever design you entered and it is, therefore, essential not to enter any separator. Enhancement bug Cisco bug ID CSCvv43870 tracks the support of several formats for MAC authentication.
Jagan Chowdam
/**Pls rate useful responses**/
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide