08-15-2008 03:43 AM - edited 07-03-2021 04:19 PM
We are using two WLC 4400 Series Controller for our Guest WLAN. They are installed the way Cisco Recommends . One in our LAN and one in the DMZ.
I am looking for a possibility to deny company users the access to this WLAN with their notebooks. The WLAN has direkt internet access and we don't want our notebooks to be compromised...
With MAC-Adress Filterring I can only permit access to a specific Wlan or is there a way to negogiate such a filter to use it for a denial?
Is there a possibility to use access lists for the denial of specific Mac-Adresses to a specific WLAN ?
Anyone an other good Idea how to solve this issue?
08-15-2008 06:24 AM
Well... MAC-address filter would work, but if you have alot to input, it can be a headache. ACL's I don't think will work, because users will get an ip from the guest network and then how can you know who has what address. Create a username password webauth page. The credentials can be changed each day or week depending.... and give this out to guest users to access the guest network. Now internal user can't access this unless the username password slips out. If you really want to make it tough, use GPO and push out the wireless policy and lock out the feature to add a wireless network.
08-18-2008 01:22 AM
But to use the MAC-adress filter isn't it only a positve list, so everybody inside the list ist allowed access?
I would need it to use the MAC filter negative, so everybody ist the list is denied the access.
The solution by a webauth page is in use in the moment. But our users are not that sensible with password information. That is the reason why i am looking for a strikt technical solution
08-18-2008 06:17 AM
Correct it is a positive list and there is not way you can have a negative list. The only way is to push a GPO to configure the wireless profile.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide