Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3587
Views
0
Helpful
3
Replies

Blocking of complete Vendor MAC Address

Go to solution
MICHAEL SCHROEDER
Level 3
Level 3

‎10-02-2010 03:24 AM - edited ‎07-03-2021 07:14 PM

Hi All,

is it possible to Block or Disable a complete Vendor MAC - like  Apple 7c:6d:62:x:x:x - with using Wildcards on a Wireless LAN Controller? Background is, that the Customers IT-Department is only allowing the use of one Vendor, so every MAC Address of another Vendor is rogue. If Blocking is not possible on WLC, can i do this on ACS?

Thx in adv, Michael

Labels:
0 Helpful
3 Accepted Solutions

Accepted Solutions

Go to solution
Madhuri C
Cisco Employee
Cisco Employee

‎10-03-2010 07:16 PM

Hi,

Unfortunately there is no option of using  wildcard mask on WLC for mac filtering. We need to configure complete  individual MAC addresses which needs to be allowed (rest of it would be  blocked).

More information :  http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008084f13b.shtml

Regards,

Madhuri

View solution in original post

0 Helpful

Go to solution
Surendra BG
Cisco Employee
Cisco Employee

‎10-03-2010 09:20 PM

This can be done using the Autonomous APs but not with LWAPP and WLC.. even on the ACS we provide the MAC address.. we dont use the mask.. however the IOS APs we specify the mask..

Regards

Surendra

Regards
Surendra BG

View solution in original post

0 Helpful

Go to solution
Javier Contreras
Cisco Employee
Cisco Employee

‎10-06-2010 08:01 AM

Hi

if you create a NAR entry on ACS, you can use callerID information (DNIS) which will have the mac address.

then on ACS, it will support wildcards for all or part of each of the attributes:

http://www.cisco.com/en/US/partner/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.0/user/guide/c.html#wp697209

so, it should be posible to be done on WLC, if you move the validation into ACS itself.

Regards

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Madhuri C
Cisco Employee
Cisco Employee

‎10-03-2010 07:16 PM

Hi,

Unfortunately there is no option of using  wildcard mask on WLC for mac filtering. We need to configure complete  individual MAC addresses which needs to be allowed (rest of it would be  blocked).

More information :  http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008084f13b.shtml

Regards,

Madhuri

0 Helpful

Go to solution
Surendra BG
Cisco Employee
Cisco Employee

‎10-03-2010 09:20 PM

This can be done using the Autonomous APs but not with LWAPP and WLC.. even on the ACS we provide the MAC address.. we dont use the mask.. however the IOS APs we specify the mask..

Regards

Surendra

Regards
Surendra BG
0 Helpful

Go to solution
Javier Contreras
Cisco Employee
Cisco Employee

‎10-06-2010 08:01 AM

Hi

if you create a NAR entry on ACS, you can use callerID information (DNIS) which will have the mac address.

then on ACS, it will support wildcards for all or part of each of the attributes:

http://www.cisco.com/en/US/partner/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.0/user/guide/c.html#wp697209

so, it should be posible to be done on WLC, if you move the validation into ACS itself.

Regards

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card