Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Trouble after enabling MAC-FILTERING on WPA+WPA-2+PSK ssid

Hi Guys,

I have 2*4402 controllers , 1*WCS 5.0& 1250 AP's.

i have done all basic config, network was up and running.However after enabling Mac Filtering, the wireless network has gone for a are the issues i am facing:

1.Some devices whose mac address is added are not getting connected,however others Laptops of same brand/device driver ver are working fine.

2.when trying to move devices from regular static-wep ssid to wpa+wpa2+mac-filtering ssid, some devices dont connect and i get the following alarm on wcs "Client xxxx which was associated with AP yyyy, interface 0 is excluded .The reason code is '2'(Attempted to use IP address assigned to another device." Moreover i am not able to revert them back to static WEP ssid which was working fine earlier.

Would really appreciate your valuable suggestions .



Re: Trouble after enabling MAC-FILTERING on WPA+WPA-2+PSK ssid

I believe that MAC filtering is not supported with WPA same as Autonomus AP's.

If you need MAC filtering an ACL on the switch will work.



New Member

Re: Trouble after enabling MAC-FILTERING on WPA+WPA-2+PSK ssid


i was looking it up in the release notes and config guide for WLC I also checked layer2/3 compatibilty matrix. couldnt find anything saying mac filtering is not supported with wpa.

However there is a bug wherein if there are too many mac addresses we need 2 update the default limit from 512 to 2048 or something.

Do we have any doumentation on this?

The confusing part is that some clients are getting connected!

also even if mac-feltering is not supported with wpa, why is it that i cant roll back those clients to another ssid with static wep authentication without mac filtering?


Re: Trouble after enabling MAC-FILTERING on WPA+WPA-2+PSK ssid

You may have to set up separate VLANS for the SSIDs to get the WEP to work.

Have you tried disableing the MAC filtering on the WPA SSID to see if that solves the problem. As most wireless cards can spoof a MAC address, MAC filtering is no longer considered secure.