Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
679
Views
0
Helpful
3
Replies

wlc mac filtering and dhcp reservations

Richard Dellaterza
Level 1
Level 1

‎10-29-2013 11:41 AM - edited ‎07-04-2021 01:10 AM

Hey guys so we have a client that has mac filtering set up across about 5 or 6 buildings and a core site. They are experiencing some issues when their wireless clients travel between these different remote sites. below is what they sent us:

"We’re having an issue with the Wireless Controller’s Mac Filter and DCHP Reservations talking to each other. Essentially, if a teacher has to travel between schools as far as we can tell; we’d have to add them into the Wireless Controller in each school and give reservation under each school’s scope. Considering the amount of traveling staff we have. Is there any way to have them ‘speak to each other’ so that we don’t have to replicate this information in so many places?"

My first thought is to confiugre MAC authentication using a RADUIS server.

This may not eleviate the issue of having to enter the client MAC addresses, so my next thought was to have a private SSID just for staff that does not broadcast and have the associate this way.

Any thoughts on what would be the ideal solution for there specific circumstance?

Labels:
0 Helpful
3 Replies 3

Stephen Rodriguez
Cisco Employee
Cisco Employee

‎10-29-2013 11:50 AM

You would need to do the mac filtering on the AAA server instead of the WLC, but you'll still need to add a DHCP reservation per school, as I assume they use different subnet scopes.

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered
0 Helpful

Richard Dellaterza
Level 1
Level 1
In response to Stephen Rodriguez

‎10-29-2013 12:39 PM

as i thought... thanks for the reply. is there a best practice config set up for AAA and WLC?

0 Helpful

Stephen Rodriguez
Cisco Employee
Cisco Employee
In response to Richard Dellaterza

‎10-29-2013 12:43 PM

Honestly? not to do it.  Mac auth/filtering is very easily spoofed.

But if you have to do it:

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008084f13b.shtml

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card