Mac Address Filter Software Download

  

Update 2020 / 05 / 19 – I’ve added a video above that walks through the steps detailed in this blog post.

To configure the MAC address blocked / allowed list: Expand the 'Advanced' section by clicking on the plus icon. Select the 'MAC filtering type' (either whitelist or blacklist). Once selected the 'MAC Addresses field is shown. Select the MAC address definition from 'MAC Addresses' drop-down menu (as defined in the section above). Get mac address free download - IP Address Menu, Apple Address Book Importer, MacAppStuff Spoof MAC, and many more programs.

If you’re using the ‘Basic’ Wireless setup, you may see an error when trying to apply the policy: “switch 1 dbm wireless Use of default ACL preauth v4 is not permitted”

If you come across this error, it’s a known bug (CSCvt18875) specific to only the ‘Basic’ setup wizard (which is what I used in this post below). If so, check out the video above which walks through the ‘Advanced’ setup and bypasses this error.

I’ve been spending a bit of time over the past few weeks building up a wireless lab. Trying to get a good understanding of how the new Catalyst 9800 wireless controller works, and how it differs from some of the previous iterations.

Mac Address Filter Software Download

In order to play around with the new controller, I decided to try to build a new configuration that mimics my current home wireless. Today I am using Ubiquiti APs, which come with their own free controller software. Most of my current config is fairly straightforward – a few SSIDs, two APs, and a guest network with captive portal. One of my SSIDs is dedicated to any IoT devices and is more restrictive than the other networks. This network uses both a pre-shared key for authentication as well as MAC-based filtering.

Mac Address Filter List

In this post – we’ll walk through how to set up a new SSID with client MAC filtering.

Note: This was written using Catalyst 9800-CL version 16.12.1s. APs are configured in flexconnect with local authentication (no AAA, ISE, etc)

While this post is not focused on in-depth WLAN config, we will start by quickly setting up a new network.

Once you get logged into the controller – we’ll click on the Wireless Setup icon in the upper right-hand side. Then drop down to the Basic option:

This takes us through a pretty quick and easy wizard to set up our new location & wireless networks. At first, we will have no locations configured – so we will click Add:

We’ll start off building our location by giving it a name and description. These are used for some naming of policy objects within the WLC, so make sure to use a name that makes sense.

In my case, I’m also going with a flexconnect deployment – so we’ll select that option and also provide the AP native VLAN.

Next, we’ll click over to the Wireless Networks tab. This is where we will create our WLAN and apply the initial configuration. We don’t have any networks yet, so click Add

Office 2008 mac dmg download. The two primary things we need to address are highlighted in red below. We need to create a WLAN and assign it to a VLAN. Let’s start with the WLAN by clicking Define new.

On the General tab, we’ll give this WLAN a profile name and a SSID.

Internet Filter Software

Next, we’ll hop on over to the Security tab, and focus on the Layer 2 sub-tab. The first thing I want to point out – is that at this point, we will not be enabling the MAC Filtering checkbox. We’ll need some additional config first, then come back to this later.

Scroll down to the bottom of the window and there will be some settings for your authentication. By default, 802.1x will be enabled. This post won’t cover how to setup/configure that. Instead, we’ll be deselecting 802.1x and checking the box for PSK. Then a text field will appear for us to enter the Pre-Shared Key.

Once we click Apply to Device, we’ll finish up by assigning our VLAN or VLAN Group. In this case, I have already created a VLAN named IoT. If you haven’t created a VLAN yet, you can do so by going to Configuration > Layer 2 > VLAN. Then add a new VLAN under the VLAN tab.

Click Add, then we’ll be back to the wizard and see the new WLAN we just created.

In order to finish up with the wizard, we just need to assign our Access Points. Click on the AP Provisioning tab. If you have already configured APs to join to this controller, you will see them on the left side under Available APs. Check which ones to apply this WLAN to, then click the arrow to move them to APs on this location.

Click Apply, and that will finalize all of the configuration we just did – then drop us back to the Wireless Setup page.

Okay – Now that we have that completed, we can move onto creating our MAC filtering policies.

Back in the menu – Let’s go to Configuration > Security > AAA

In this section – we first need to create an Authorization policy. Select the AAA Method List tab, then Authorization, then Add to create the new policy.

Mac Address Filtering

In here we’ll specify a name, then select Type: network, and Group Type: local. Then go ahead and Apply to Device

Once we have that, let’s go over to the AAA Advanced tab, and click Add in the Attribute List Name section

Here we need to provide the SSID we want our MAC policy to apply to. Under Attribute Type, select SSID. Then under Attribute Value, select the target SSID that our policy will be tied to.

Don’t forget to click Save on the attribute before clicking Apply to Device!

Time to input our list of device MAC addresses! Drop into the Device Authentication section, and click Add – or upload a CSV file if you have one.

Input the device MAC Addrees and select the Attribute List Name that we configured just a minute ago. Then Apply to Device

After that – we should have our completed list of MAC addresses which will be permitted to join our wireless network. All we need to do is go back to our WLAN and enable MAC filtering.

Let’s go to Configuration > Tags & Profiles > WLANs

This should give us the list of any configured WLANS – including the one we created earlier. Go ahead and click on it to edit.

Next, we’ll jump straight to the Layer 2 section under the Security tab. Check the box for MAC Filtering and select the Authorization List we created from the drop down.

And we’re done! Clients that want to join our newly created SSID will need the pre-shared key we configured, but they will also need to be manually added to our MAC address filter as well. While this isn’t a perfect security measure since MAC addresses can be easily spoofed – it does add an extra layer of protection to keep unauthorized devices from inadvertently being able to join this specific WLAN.

Mac Address Filter On Ipad

In the event that a client is NOT on the authorized list, you may see the following logs in a client debug:

Mac Address Filter Software Download

On the opposite side, when a client is successfully able to pass MAC authentication – the logs will show the following: