Cisco AP1200 and MAC authentication

jmerricks · ‎11-03-2003

We are a private school with 68 AP1200s and 3 AP350s deployed. We are a Novel shop with no NT or Windows servers. We also do not have the funds in out current budget to buy a Cisco ACS. I want to configure my APs to only allow specific MAC addresses to associate and authenticate to our network. I do not want to type all 98 MAC addresses for the laptops into each AP. Is there a way to setup 1 AP and then send the info to all of the others. Next year we are looking at over 400 laptops and other wireless systems on campus. I am looking at this method because the Novell implementation of Radius does not support EAP. Any ideas will be greatly appreciated.

Joe Merricks

Network Administrator

Hargrave Military Academy

Chatham, VA

merricksj@hargrave.edu

434-432-2481 x2150

dopenfield · ‎11-05-2003

Coming from a similar Educational environment ...

I would try arguing that an additional full-time person will need to be hired, and processes created to deal with verifying and authorizing new NICs just to keep up with the churn of the MAC address security method

or...

Spend the $5k or so on an ACS appliance, set that up to point to your user database and the processes for identifying, assigning, and authorizing your ever changing user base are already handled.

I'm also not certain all of the APs can handle a 500+ list of MAC addresses.

jmerricks · ‎11-06-2003

Thanks. That is what I am trying to get our administration to see. I think we need to bite the bullet and get the ACS appliance.