Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
380
Views
0
Helpful
1
Replies

Can I use wild cards with MAB in ACS?

jkeeffe
Level 2
Level 2

‎07-17-2009 12:06 PM - edited ‎02-21-2020 10:23 AM

I want to restrict access to 6500 ports to known MAC addresses. I know I can't use port security, nor can I apply an MAC layer ACL to the port, so I'm going to try 802.1x and/or MAC authentication bypass.

There is a potential for hundreds of MAC addresses to enter into the ACS, but only a few vendors supply the NICs. Instead of entering in individual MAC addresses in either the NGP or the username/password fields, can I use wild cards or masks like 00:1C:C4:00:00:00 00:00:00:FF:FF:FF to mask for all MACs that start with 00:1C:C4?

Or a username/password like 00:1C:C4:xx:xx:xx?

Is there any way to do this?

Labels:
0 Helpful
1 Reply 1

Jagdeep Gambhir
Level 10
Level 10

‎07-20-2009 10:16 AM

Hi,

I don't think so, the username can contain up to 64 characters except for #?"*><. Leading and trailing spaces are not allowed.

Wild cards are not allowed in username.

Regards,

~JG

Do rate helpful posts

0 Helpful
Customers Also Viewed These Support Documents