04-30-2024 06:56 AM
I have a customer that wants have Non 802.1x aware devices to log a SSID with PSK but have the devices filtered by MAC. The remote site is on FlexConnect. They would like to lock down the SSID because a PSK gets shared around too quickly and the WAN link bandwidth is exhausted. They want to make sure they can get any needed device back online while the link is down. They have 9800 WLCs and C9130s. Thanks for any pointers to documentation or process.
Solved! Go to Solution.
04-30-2024 08:49 AM
The solution you looking may not be possible if the AP join WLC - WLC do the all task.
May be you should have local WLC or AP act as WLC for the remote sites to manage locally.
04-30-2024 07:48 AM
You can have MAC ACL on cat 9800 (check below guide can help and understand is this works for you?)
They want to make sure they can get any needed device back online while the link is down.
not sure we understand this correctly can you explain more on this context.
04-30-2024 07:56 AM
The customer does not want to go to the controller for the mac filtering. They want to know if there is a way to have the AP do all of the security if the controller connection is down, PSK with MAC filtering. They realize the MACs would be need on the individual APs.
04-30-2024 08:49 AM
The solution you looking may not be possible if the AP join WLC - WLC do the all task.
May be you should have local WLC or AP act as WLC for the remote sites to manage locally.
04-30-2024 11:50 AM
Thanks for that, they are afraid of too much delay to their Azure based controller or down links.
04-30-2024 10:53 PM
You can have bandwidth limit per client or per service based on the perimeter of Site.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide