09-08-2011 10:21 AM - edited 07-03-2021 08:44 PM
Hi,
I have successfully configured the multiple SSID in the Access-point. But I am not able to achieve my objective. I want to allow only one user laptop to connect with this SSID. Currently I have applied the max session configuration but I want to bind the MAC address with this SSID. So that on the base of MAC address users can connect with SSID EMGAS which is configured for WEP.
dot11 ssid EMGAS
vlan 24
max-associations 2
authentication open
guest-mode
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption mode ciphers tkip
!
encryption vlan 1 mode ciphers tkip
!
encryption vlan 25 mode ciphers tkip
!
encryption vlan 24 key 1 size 40bit 7 88953EF67928 transmit-key
encryption vlan 24 mode wep mandatory
!
ssid EMGAS
!
ssid GUEST
!
ssid WAP
dot11 ssid EMGAS
vlan 24
max-associations 2
authentication open
guest-mode
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption mode ciphers tkip
!
encryption vlan 1 mode ciphers tkip
!
encryption vlan 25 mode ciphers tkip
!
encryption vlan 24 key 1 size 40bit 7 88953EF67928 transmit-key
encryption vlan 24 mode wep mandatory
!
ssid EMGAS
!
ssid GUEST
!
ssid WAP
Kindly assist me how to achive the MAC base restriction in the SSID (EMGAS).
09-08-2011 10:32 AM
You can do an ACL and block it from the AP. (See below)..
But to do it by SSID I think you will need a radius server ...
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008058ed26.shtml
09-08-2011 10:34 AM
Super fast George
Regards
Surendra
09-08-2011 10:35 AM
Oh, ok so you apply it to the bridge interface ... I didnt think of that .... So you can do it by SSID....
good show! +5
09-08-2011 10:39 AM
Yup.. i hv done this many times.. but dint try this before posting now!! since i am in my house and no acceess to the client but just the AP!! U can check it out if ur have a client and the AP handy!!
Regards
Surendra
09-08-2011 10:39 AM
Forgot.. thanks for the rating
Regards
Surendra
09-08-2011 10:33 AM
configure MAC filter allowing on that MAC address and map that ACL to the Corresponding Sun interface..
the command is..
en
conf t
access-list 700 permit
end
conf t
int dot11 0.X
bridge-group X input-address-list 700
This will help u!!
Please done forget to rate the usefull posts!!
Regards
Surendra
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide