How to enable only registered Mac adresse

  • 1
  • Question
  • Updated 3 years ago
  • Answered
  • (Edited)
Hi, there.
I need to block unregistered MAC Adress Users.
What i did is Creating a MAC/L2 User List.
What i cant find is how to make it work?
Do i have to enable this function ? If YES where ?
Many thanks i advance and Happy Divali
Photo of Christian Hartmann

Christian Hartmann

  • 4 Posts
  • 1 Reply Like
  • searching

Posted 3 years ago

  • 1
Photo of Primož Marinšek

Primož Marinšek, AlphaDog

  • 413 Posts
  • 48 Reply Likes
Well if you have a ZD you create a CLI L2 profile and apply it to a praticular WLAN under the advanced options.
Photo of Christian Hartmann

Christian Hartmann

  • 4 Posts
  • 1 Reply Like
Thanks a lot, works now. To recognize each User by his MAC Adress is a bit more difficult i think. Do have a hint for that either ?
Photo of Primož Marinšek

Primož Marinšek, AlphaDog

  • 413 Posts
  • 48 Reply Likes
If you use DPSK you will see username of the user on the network. Highly recommended as MAC filtering really isn't a security feature.

DPSKs are easy and highly secure.
Photo of Max O'Driscoll

Max O'Driscoll, AlphaDog

  • 293 Posts
  • 68 Reply Likes
Also there is a limit to MAC addresses on each ACL - somewhere around the 120 region (yes it's probably 128 but recall my laptops falling off network at about 120).

- you can only apply one ACL to each WLAN...

- so lots of devices means several WLANs. Just worth thinking about if you intend to "grow".

Whether MAC address authorisation is secure enough depends on your environment. Here in school I'm okay with it.

If you have a guest lan enabled then new devices eventually end up on that (as unauthorised clients) which lets me see their MAC and I can add to the correct ACL as necessary.

Works for me.