08-05-2024 11:58 PM
I dont see any option 9800 catalyst controller for MAC address filtering in an SSID. The method mentioned in this link not working, while select the auth list in SSID settings list does not shows up.
Solved! Go to Solution.
08-06-2024 06:25 AM
There is mac filter and mac filter with wpa
For your case check below
https://0x2142.com/how-to-catalyst-9800-mac-filtering/
MHM
08-06-2024 12:04 AM
- You may want to revert to configuring trough the CLI (only) , if applicable and possible
+ What software version is the 9800 controller using ?
M.
08-06-2024 12:10 AM
software version 17.3.4c
08-06-2024 12:14 AM
- The software version is old and EOL , consider 17.12.3
M.
08-06-2024 02:46 AM
I have upgraded version to 17.12.4 what i don't understand is how "Authorization Method" (Security > AAA > AAA Method list > Authorization) and "Device Authentication" (Security > AAA > > AAA Advanced >> Device authentication) is related.
Also there's no menu Configuration > Wireless > WLANs > + Add
. It's Tag&Profiles > WLAN
08-06-2024 03:04 AM
Edit wlan> secuirty > l2 secuirty
There is mac filter options
MHM
08-06-2024 03:45 AM
1. created WLAN and choose Mac filtering in Layer 2 security and choose Authorization list.
2. Only option available in Authorization list is below
3. Where to configure MAC address now?
4. Below is the only place i saw to add MAC address, there's an option to select the SSID. Now how does Authorization list and this MAC address relate or connected?
08-06-2024 04:02 AM
- Note that any GUI changes are implemented in the running configuration ; this is a bit elaborate but what sometimes helps or can give insights is to look or take a difference between subsequent version of the running configuration on an external repository (when making changes with the GUI) then use the intended or viewed running configuration command manually with the CLI and or use ? for correct command completion info's, because in the end it could be a bug in the GUI ,
Appendix ; you can always evaluate the configuration of a 9800 controller with the CLI command
show tech wireless and feed the output from that into Wireless Config Analyzer
Note : use the full command as mentioned in green , WirelessAnalyzer does not work with the
output from a simple show tech
M.
08-06-2024 04:55 AM
What is secuirty you use ?
Wpa + mac filtering?
MHM
08-06-2024 04:57 AM
08-06-2024 06:25 AM
There is mac filter and mac filter with wpa
For your case check below
https://0x2142.com/how-to-catalyst-9800-mac-filtering/
MHM
08-06-2024 08:57 AM - edited 08-06-2024 08:58 AM
It definitely works.
As Marce suggested I highly recommend using CLI not GUI - it's less confusing and follow the doc step by step.
Since you apparently want to use local MAC authentication note that the MAC addresses are configured as "username" but it is very important to enter the MAC address as all lower case with no punctuation (no dots, dashes or colons) otherwise it will not match.
Using MAC addresses for security really is not advisable though. It's not secure (because it's very easy to spoof a MAC address) and with randomised MAC addresses will ultimately become almost impossible. With the latest version of iOS iPhones do not use hardware MAC even for networks which have Rotating MAC (the new name for Private MAC) disabled. The non-rotating MAC is still a Private MAC, different for every SSID.
08-30-2024 04:45 AM
I could not find a proper step-by-step documentation other than this. Anyone trying to setup MAC address filter SSID in catalyst controller can try these steps;
08-30-2024 04:52 AM
I already share this link days ago
Maybe you missing it
MHM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide