Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
848
Views
0
Helpful
3
Replies

MAC-Based Authentication

raviuk
Level 1
Level 1

‎11-07-2001 08:59 AM - edited ‎07-04-2021 10:51 PM

I am sorry if this has been asked before or it is the wrong place to ask this.

I just want to know how secure is MAC-Based Authentication on an AP340 access-point (not bridge) with version 11.07.

I've done this by adding 'Dest MAC Address' in 'Address Filters' under 'Association' in 'Setup'.

Also selected 'Disallowed' for 'Default Unicast Address Filter' for all the relevant authentication types in 'Advanced' for 'AP Radio' of the 'Network Ports' in 'Setup'.

Thanks for any suggestions.

Labels:
0 Helpful
3 Replies 3

matthew.joyce
Level 1
Level 1

‎11-08-2001 02:32 AM

Cisco say they're "not appropriate as a security handle". Take a look at the bottom of

http://www.cisco.com/warp/public/cc/pd/witc/ao350ap/prodlit/1327_pp.htm

I agree with them. MAC authentication might discourage casual wireless sniffers, but it's not a serious technical control.

0 Helpful

dave.reid
Level 1
Level 1
In response to matthew.joyce

‎11-08-2001 09:49 AM

Some older units allow the MAC to be overridden!

0 Helpful

bmcmurdo
Cisco Employee
Cisco Employee

‎11-15-2001 06:20 PM

If an attacker has a network analizer, they can see the MAC address in use (even if WEP is being used as the MAC must not be encrypted)

Some 802.11 NICs allow the user to configure a MAC address into the NIC.

So the attacker *could*:

1. observe a valid NIC in use

2. program that MAC into their NIC

3. Wait till the valid user has gone home

4. Use the NIC they have programmed to access your network from the safty of the parking lot.

LEAP or VPNs provide a much more secure solution

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card