10-24-2012 08:33 AM - edited 07-03-2021 10:54 PM
Hi,
I am wondering if it is possible to do MAC pre-authentication (MAC filtering) while also using LDAP for user authentication. For example, users who have their MAC in the MAC filter will be automatically allowed, which the remaining WLAN users will be directed to the Cisco login page to authenticate against an LDAP server.
Also of note, my APs are running in local mode.
Software: 7.0.220.0
10-24-2012 04:10 PM
Both are independent and it should work.
once client passes layer-2 mac filter, should get an ip, on trying an external url, splash page should show up, entered user credentials uses LDAP for lookup and get authenticated.
10-25-2012 05:02 AM
Thanks,
But what I was hoping the MAC filter would do is auto-authenticate the user. Example, a board member's iPad would be auto authenticated if the WLC sees their MAC address, so the splash screen would not be bypassed. Is this possible?
10-25-2012 11:44 AM
#1 MAC filter is L2 and webauth is L3 security, if both options are enabled the wireless client on that wlan passes L2, get ip, request for ext url and shows the splash page.
#2 On MAC filter failure:
If a WLAN has both a Layer 2 (mac-filter) and Layer 3 security (webauth-on-macfilter-failure) configured, the client moves to RUN state if either one is passed. if it fail Layer 2 security (mac-filter), the client is moved to Layer 3 security (webauth-on-macfilter-failure) i.e, when clients fail on MAC filter, they get automatically switched to webAuth.
difference between #1 & #2
Web policy --> authentication, it can or can't be configured with mac filter, if mac filter enabled then it will be mandatory & can't fail to webauth like above, means it has to pass macfilter first and then webauth also.
the above scenario is irrespective of local/LDAP is used. user lookup kickin only the webauth is processed.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide