I'm trying to configure WPA with MAC filtering on an 1100 series AP. I have been able to get WPA2 personal working but when I add the option to filter out MAC addresses, the test machine can no longer associate to the AP. WEP with MAC filtering works just fine. Cisco TAC said it was the version of IOS I was running so I rolled back to an older version with no luck. Below is some output from a debug. Any suggestions on how I can get this to work?
It sure looks like a problem with the IOS still. It's getting a AUTHPASS message yet still reporting that the authentication failed.
To be honest, MAC filtering provides a lousy addition to security for the amount of hassle it requires to get working. I would recommend getting a good strong key from http://grc.com/passwords and dump MAC filtering. WPA2/AES with a 24 or longer hex key will give you good link protection. Go for a full 64-character hex key if you'd like to go the extra mile.
Copy and paste is your friend. We can only hope some future version of the APs support a SDcard to make PSK installation a real breeze.
Transferring Crash file from standby: Login to the Active WLC in HA.
From CLI: (Cisco Controller) >transfer upload datatype crash (Cisco
Controller) >transfer upload filename (Cisco
Controller) >transfer upload mode tftp (Cisco Controller) >transfer
This is the start of a display filter cross reference between Wireshark
and OmniPeek. The 1st installment is a table of advanced filters. More
filters will be added as time allows. It is a living doc, so check back
for changes every so often Please feel f...