I want to create mac base ACl for all users and laptop . So that I can restrict unauthorized user or laptop. MY current scenario is like :---
wireless user/Laptop ------> Access point------->Poe switch (L2)-------> WLC (wireless LAN controller )-------->Radius server ------------>AD------------> LAN
In above scenario unauthorized user can access Internet or can get some access through static IP. So i am planning to implement following because i have Cisco 2800 and Cisco 1800 router and also due lack of budget.
wireless user/Laptop ------> Access point------->PoE switch (L2)------->Cisco router (with MAC base ACL)--------> WLC-------->Radius server ------------>AD------------> LAN
Re: How can i create MAC base ACL in cisco router 2800 &1800
LAP is building data tunnel using CAPWAP (old LWAPP) towards WLC. WLC than will forward the client traffic accordingly on the dynamic interface of WLC (vlan) - hence router between LAP and WLC only sees CAPWAP(LWAPP) traffic.
I assume as per your request you like restrict based on MAC address the access to your network for wireless users.
WLC has a Layer 2 security feature for MAC address filter.
WLC GUI > WLAN > WLAN ID edit> Security > Layer 2 > checkbox : Mac Filter
Transferring Crash file from standby: Login to the Active WLC in HA.
From CLI: (Cisco Controller) >transfer upload datatype crash (Cisco
Controller) >transfer upload filename (Cisco
Controller) >transfer upload mode tftp (Cisco Controller) >transfer
This is the start of a display filter cross reference between Wireshark
and OmniPeek. The 1st installment is a table of advanced filters. More
filters will be added as time allows. It is a living doc, so check back
for changes every so often Please feel f...
I have created a Powershell script to automatically add a Wireless Guest
User on Cisco WLCs. (tested on 2500 Series) The script should be
completely self explanatory. Prerequisites: Powershell SNMP Module
(Install-Module -Name SNMP) SNMP Write Access to y...