Trouble after enabling MAC-FILTERING on WPA+WPA-2+PSK ssid

Unanswered Question
Jul 27th, 2008

Hi Guys,

I have 2*4402 controllers , 1*WCS 5.0& 1250 AP's.

i have done all basic config, network was up and running.However after enabling Mac Filtering, the wireless network has gone for a are the issues i am facing:

1.Some devices whose mac address is added are not getting connected,however others Laptops of same brand/device driver ver are working fine.

2.when trying to move devices from regular static-wep ssid to wpa+wpa2+mac-filtering ssid, some devices dont connect and i get the following alarm on wcs "Client xxxx which was associated with AP yyyy, interface 0 is excluded .The reason code is '2'(Attempted to use IP address assigned to another device." Moreover i am not able to revert them back to static WEP ssid which was working fine earlier.

Would really appreciate your valuable suggestions .


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
bcolvin Sun, 07/27/2008 - 22:37

I believe that MAC filtering is not supported with WPA same as Autonomus AP's.

If you need MAC filtering an ACL on the switch will work.



AbbasAliZoeb Mon, 07/28/2008 - 09:31


i was looking it up in the release notes and config guide for WLC I also checked layer2/3 compatibilty matrix. couldnt find anything saying mac filtering is not supported with wpa.

However there is a bug wherein if there are too many mac addresses we need 2 update the default limit from 512 to 2048 or something.

Do we have any doumentation on this?

The confusing part is that some clients are getting connected!

also even if mac-feltering is not supported with wpa, why is it that i cant roll back those clients to another ssid with static wep authentication without mac filtering?

bcolvin Tue, 07/29/2008 - 07:08

You may have to set up separate VLANS for the SSIDs to get the WEP to work.

Have you tried disableing the MAC filtering on the WPA SSID to see if that solves the problem. As most wireless cards can spoof a MAC address, MAC filtering is no longer considered secure.



This Discussion



Trending Topics - Security & Network