Help
Wireless Controller
Dedicated Wi-Fi control and management for high density and mobility
nsamuel
Staff
Staff

Created on ‎01-13-2016 11:32 PM

Article Id 190574

Meru Technical Note - How to configure MAC Filtering on Meru Controller?

Description

How to configure MAC Filtering on Meru Controller ?


Scope

KB ARTICLE TYPE: Configuration

RELATED PRODUCTS: Controller, AP

RELATED SOFTWARE VERSIONS: N/A

KEYWORDS: Controller, AP, MAC filtering


Solution

MAC filtering controls a user station’s access to the WLAN by permitting or denying access based on specific MAC addresses. Two ACLs are available for MAC filtering:

 

Permit ACL : It limits access to only those MAC addresses on the permit list

Deny ACL : specifically disallows access to those addresses (clients) on the deny list

 

For Controller ACL administration, the valid states are: 

Disabled (default) : Both the permit and deny ACLs are inactive, even if they contain MAC addresses

Permit : Permit is enabled and deny ACL (if it exists) is disabled

Deny : Deny ACL is enabled and permit ACL (if it exists) is disabled

 

CONFIGURATION STEPS: Enabling the Deny ACL

 

GUI Steps : It can be configured from GUI by navigating through these TABs.

 

GUI > Configuration > MAC Filtering > ACL Deny Access Configuration > Click on Add > Add the MAC address > Click on ACL environment state after entering all the MAC addresses > Select Deny List Enabled > Click OK.

 

CLI Steps :

 

STEP 1 : MAC filtering is disabled by default. To change the state of MAC filtering so that the deny list is enabled, use the command:

               meru(config)# access-list state deny

               This can be verified by issuing following command: 

               meru# show access-list state

               MAC Filtering (ACL) Configuration

               ACL Environment State : deny

               RADIUS Profile name   :

               Secondary RADIUS Profile Name   :

               meru#

Note : This step should be performed before adding MAC addresses

 

STEP 2 : Configuring a Deny ACL : Addresses can be added to a deny ACL list by specifying them as command arguments. To add one or more MAC addresses to the deny access control list, type the following:

               meru(config)# access-list deny 00:44:94:51:ca:2f

               meru(config)# exit

               meru#

 

Click on the Save button to save the running configuration to the start-up configuration.

 

TEST RESULTS: Only the added client was unable to connect to the network.

LIMITATIONS IF ANY: Either “Permit” or “Deny” ACL can be configured at a time but not both.


1715
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.