Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3255
Views
0
Helpful
5
Replies

WLC - block MAC Address

battanc
Level 1
Level 1

‎07-02-2013 05:28 AM - edited ‎07-04-2021 12:20 AM

Wireless system with 3 x WLC-4402, version 6.0.199.4, about 100 AP, about 300 clients.

I need to block some clients that are bombarding me with frequent and repeated "Signature attack" (Auth flood).

I tried to put the MAC Address in the black-list (Disabled Client), but it seams non work.

Other suggestion ?

Claudio

Labels:
0 Helpful
5 Replies 5

Scott Fella
Hall of Fame
Hall of Fame

‎07-02-2013 05:29 AM

Using mac filters is really the only way to block a mac address.

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***
0 Helpful

Scott Fella
Hall of Fame
Hall of Fame
In response to Scott Fella

‎07-02-2013 05:32 AM

If its an authentication issue, then you can enable client exclusion on the WLAN also.  3 failures will automatically put them in the exculsion list.  Not that I like pgrading, but the latest versions of 7.0.x are pretty good, but you need to make sure your AP's support that code.  6.x is pretty old.

http://www.cisco.com/en/US/docs/wireless/controller/5500/tech_notes/Wireless_Software_Compatibility_Matrix.html

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***
0 Helpful

battanc
Level 1
Level 1
In response to Scott Fella

‎07-02-2013 05:33 AM

But also with the block, I keep getting reports of "Signature attack detected"

And the client get connected ...

What do I wrong ?

Claudio

0 Helpful

Scott Fella
Hall of Fame
Hall of Fame
In response to battanc

‎07-02-2013 05:35 AM

Well.... is there any client issues?  If not, then maybe its a bug on that code.  You have to look into it more and see as a corrupted driver on the client end can be causing the issue or maybe its a newer device that acts differently.  Try upgrading and see if it goes away or else you need to figure out what client that is and see if you can figure out the issue.

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***
0 Helpful

mmangat
Level 1
Level 1

‎07-02-2013 06:58 PM

Hello,

Unfortunately there is no option of using  wildcard mask on WLC for mac  filtering. We need to configure complete  individual MAC addresses which needs to be allowed (rest  of it would be  blocked).

More information : 

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008084f13b.shtml

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card