is it possible to Block or Disable a complete Vendor MAC - like Apple 7c:6d:62:x:x:x - with using Wildcards on a Wireless LAN Controller? Background is, that the Customers IT-Department is only allowing the use of one Vendor, so every MAC Address of another Vendor is rogue. If Blocking is not possible on WLC, can i do this on ACS?
Thx in adv, Michael
if you create a NAR entry on ACS, you can use callerID information (DNIS) which will have the mac address.
then on ACS, it will support wildcards for all or part of each of the attributes:
so, it should be posible to be done on WLC, if you move the validation into ACS itself.
This can be done using the Autonomous APs but not with LWAPP and WLC.. even on the ACS we provide the MAC address.. we dont use the mask.. however the IOS APs we specify the mask..
Unfortunately there is no option of using wildcard mask on WLC for mac filtering. We need to configure complete individual MAC addresses which needs to be allowed (rest of it would be blocked).