WPA with local MAC address authentication

Unanswered Question
Mar 20th, 2009
User Badges:

Can Cisco Aironet AP support WPA encryptions with local MAC address authentications as the current setup i have do not have a radius server to authenticate my users.


i tried configuring with local MAC address but no success.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
jeff.kish Fri, 03/20/2009 - 07:28
User Badges:
  • Silver, 250 points or more

Try this:


conf t

access-list 700 deny xxxx.xxxx.xxxx 0000.0000.0000

access-list 700 deny xxxx.xxxx.xxxx 0000.0000.0000

.

.

.

access-list 700 permit 0000.0000.0000 ffff.ffff.ffff

dot11 association mac-list 700


Replace the xxxx.xxxx.xxxx with each host you want to allow on the AP. This will block any other MACs from accessing the AP. This is not by SSID, this is by AP, so let me know if this will work for you.

day28lite Sat, 03/21/2009 - 07:24
User Badges:

what if i want by SSID ?

I have added the MAC address to the local MAC address pool at Advanced Security but when i tied it to my SSID, all users get thrown out.


Can local MAC address authentication work without radius server on WPA ?


gamccall Tue, 04/14/2009 - 09:42
User Badges:
  • Silver, 250 points or more

What you're trying to do is exactly what RADIUS was designed for. Your best bet will be to just set up a RADIUS server and configure whatever filters you need.

jeff.kish Tue, 04/14/2009 - 10:41
User Badges:
  • Silver, 250 points or more

And let me apologize for not realizing that you had responded to my post. Thanks gamccall for responding when I didn't!

Actions

This Discussion