Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Trouble after enabling MAC-FILTERING on WPA+WPA-2+PSK ssid

Hi Guys,

I have 2*4402 controllers , 1*WCS 5.0& 1250 AP's.

i have done all basic config, network was up and running.However after enabling Mac Filtering, the wireless network has gone for a toss.here are the issues i am facing:

1.Some devices whose mac address is added are not getting connected,however others Laptops of same brand/device driver ver are working fine.

2.when trying to move devices from regular static-wep ssid to wpa+wpa2+mac-filtering ssid, some devices dont connect and i get the following alarm on wcs "Client xxxx which was associated with AP yyyy, interface 0 is excluded .The reason code is '2'(Attempted to use IP address assigned to another device." Moreover i am not able to revert them back to static WEP ssid which was working fine earlier.

Would really appreciate your valuable suggestions .

Regards....

3 REPLIES
Bronze

Re: Trouble after enabling MAC-FILTERING on WPA+WPA-2+PSK ssid

I believe that MAC filtering is not supported with WPA same as Autonomus AP's.

If you need MAC filtering an ACL on the switch will work.

HTH

Bill

New Member

Re: Trouble after enabling MAC-FILTERING on WPA+WPA-2+PSK ssid

Hi...

i was looking it up in the release notes and config guide for WLC 5.0.148.0. I also checked layer2/3 compatibilty matrix. couldnt find anything saying mac filtering is not supported with wpa.

However there is a bug wherein if there are too many mac addresses we need 2 update the default limit from 512 to 2048 or something.

Do we have any doumentation on this?

The confusing part is that some clients are getting connected!

also even if mac-feltering is not supported with wpa, why is it that i cant roll back those clients to another ssid with static wep authentication without mac filtering?

Bronze

Re: Trouble after enabling MAC-FILTERING on WPA+WPA-2+PSK ssid

You may have to set up separate VLANS for the SSIDs to get the WEP to work.

Have you tried disableing the MAC filtering on the WPA SSID to see if that solves the problem. As most wireless cards can spoof a MAC address, MAC filtering is no longer considered secure.

Bill

326
Views
0
Helpful
3
Replies