Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4680
Views
0
Helpful
7
Replies

Is it possible to block MAC on AP?

Go to solution
Mark Mattix
Level 2
Level 2

‎06-06-2012 07:27 AM - edited ‎07-03-2021 10:15 PM

Is there is a way to block a specific MAC address from associating with an Acces Point yet still allow them to connect to the SSID that a different AP is also broadcasting? I have read some posts that talk about doing this with ACLs on the AP but I was wondering if it's possible in a WLC?

Here's my problem, I have 5 APs broadcasting the SSID, CISCONETWORK. Some stations connect to the AP that is further away which means a weaker signal and them constantly dropping a connection. I want to block the MAC from associating with 4 of the 5 APs to where the client ultimatly can only associate with the closest AP. The station's wireless NIC is also updated.

If my only option is to use an ACL could this only be applied to specific APs and not globally because I still need the client to connect to the same SSID of ones that will also be blocked.

Thanks for any help!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Stephen Rodriguez
Cisco Employee
Cisco Employee

‎06-06-2012 07:36 AM

ACL's on the WLC are applied to a WLAN or to an interface, not to a specific AP, like you would in IOS.

What rates do you have enabled?  1,2,5.5,6,9 should be disabled.  if you are purely A/G/N you could probably get away with disabling everything below 18, if you have a desinged to a -75ish cell edge.  This should keep the client from hearing an AP that is too far away

HTH,
Steve

-----------------------------------------
Please remember to rate useful posts, and mark questions as answered

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

View solution in original post

0 Helpful
7 Replies 7

Go to solution
Tony Rosolek
Level 1
Level 1

‎06-06-2012 07:35 AM

i dont know how you can do that and i think it doesnt make sense.

what is if your client moves through the building? If you block him from nearly all APs, there is no mobility at all.

Check the Client and if possible upgrade driver and firmware.

Sent from Cisco Technical Support iPad App

||| Please rate helpful posts. Thanks! |||
0 Helpful

Go to solution
Stephen Rodriguez
Cisco Employee
Cisco Employee

‎06-06-2012 07:36 AM

ACL's on the WLC are applied to a WLAN or to an interface, not to a specific AP, like you would in IOS.

What rates do you have enabled?  1,2,5.5,6,9 should be disabled.  if you are purely A/G/N you could probably get away with disabling everything below 18, if you have a desinged to a -75ish cell edge.  This should keep the client from hearing an AP that is too far away

HTH,
Steve

-----------------------------------------
Please remember to rate useful posts, and mark questions as answered

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered
0 Helpful

Go to solution
Mark Mattix
Level 2
Level 2
In response to Stephen Rodriguez

‎06-06-2012 08:24 AM

Steve, I'm still pretty new to using the WLC and WCS, so please bear with me. Where can I find the settings for the cell edge? Once I set the desired cell edge signal, will the WLC adjust the power output in order to create the desired cells? Also, currently all data rates are being supported. Thanks a lot for your help!

tonyffo86, the client is at a permanent location and the device has all updated drivers and firmware.

0 Helpful

Go to solution
Stephen Rodriguez
Cisco Employee
Cisco Employee
In response to Mark Mattix

‎06-06-2012 09:22 AM

The cell edge would have been defined during the site survey. If you had one done you can go hover between the AP and see what the single is. If you didn't have one, you can try disabling everything below 11/12 and see if that helps.

Sent from Cisco Technical Support iPhone App

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered
0 Helpful

Go to solution
Mark Mattix
Level 2
Level 2
In response to Stephen Rodriguez

‎06-11-2012 09:28 AM

On a 1252 LAP is there an equivalent speed to signal? Like if the device connects to the AP that has a constant signal of -73 what data rates could I block up to, that would allow a connection to be established when the client got a signal at -70 or better?

Thanks!

0 Helpful

Go to solution
shaqpappi
Level 1
Level 1
In response to Mark Mattix

‎06-09-2012 12:47 PM

On a WLC you can find those settings at Wireless/802.11g on the left hand side/Network. You will see all the data rates and on the drop down disable 1,2,5.5 and 11mbps data rates. This will prevent clients from associating at those d/r. Be cautioned however that some legacy devices as well as some smartphones 'may' not connect at all. Additionally if there are numerous retries on a client they will start downshifting to an acceptable d/r and if they decide 11mbps is acceptable but it's disabled they won't connect. That's why site survey,design for client, and careful planning are extremely important.

Sent from Cisco Technical Support iPad App

0 Helpful

Go to solution
Mark Mattix
Level 2
Level 2
In response to shaqpappi

‎06-11-2012 11:19 AM

Is it possible to change only 1 AP's supported speeds and not globally change all APs?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card