AP1242AG mac filtering knocks out lan

I've set up two wireless desktop PC's to connect to my AP1242AG access point, and from another (wired) machine I can see them on the LAN and share their files. But when I use mac address filters on the AP the wireless clients stop working on the LAN. In the AP I've tried including the mac addresses from other (wired) machines on the LAN but the wireless clients go awol. When I delete the mac address filtering the wireless clients comes back on the LAN again. What am I doing wrong? Thanks for any help.

Tony
If you are using WPA for you primary authentication MAC address filtering is not supported.
Note In Cisco IOS releases 12.3(4)JA and later, you cannot enable both MAC-address authentication and WPA-PSK.
From this Configuration Guide
http://www.cisco.com/en/US/docs/wireless/access_point/12.3_7_JA/configuration/guide/s37auth.html#wp1034916
If you want to restrict access by MAC address an ACL on the switch will work.
HTH
Bill

Similar Messages

  • AP1242AG WPA and MAC Filtering problem

    Hello,
    Presently I managed some AP1242AG in ofiice area
    I need implement WPA and MAC filtering.
    I found what :
    In IOS 12.2(13)JA branch IOS and before, MAC authentication was supported
    in conjunction with WPA.
    In 12.2(15)JA and above, configuring MAC authentication with WPA does not
    work. MAC Authentication passes everyone through.
    I can't found IOS 12.2(13) in Cisco site.
    Can anybody help me and give link to download 12.2(13)JA ?
    Thanks.

    Also when I acivete MAC filterring
    access-list 700 deny   0024.d7ed.2204   0000.0000.0000
    access-list 700 deny   0000.0000.0000   ffff.ffff.ffff
    dot11 association mac-list 700
    dot11 ssid zero!v
       vlan 390
       authentication open eap eap_methods
       authentication network-eap eap_methods
       authentication key-management wpa
       wpa-psk ascii 7 14531708030A2E1A3108212127015644
    The WPA is working but MAC filtering not reject
    IOS Ver.
    Cisco IOS Software, C1240 Software (C1240-K9W7-M), Version 12.3(11)JA1, RELEASE SOFTWARE (fc2)

  • OEAP Remote LAN & MAC Filtering

    I am currently trying to set up the Remote LAN feature with MAC Filtering with WLC & ISE. I want to use Central Web Authentication, but the client connected to the wired port 4 of the OEAP does not get redirected. On the WLC I see the correct web redirect URL and ACL being applied (client details), but the redirect on the client itself is not taking place. The RADIUS NAC state of the wired client is also shown as "RUN" instead of the expected "CENTRAL_WEBAUTH_REQD". No anchoring is configured for the Remote LAN, since it is not supported in this WLC software release.
    Anybody have any ideas? Is this supported at all? The redirect is working fine with wireless on the OEAP.
    WLC 5508 7.4.110.0
    AIR-OEAP602I-E-K9
    ISE 1.2.0.899

    You are trying web-auth redirect on rlan correct? On remote lan 44 config:
    Remote LAN Configuration
    Remote LAN Identifier............................ 44
    Profile Name..................................... HomeOffice_RemoteLAN_Port4
    Status........................................... Enabled
    MAC Filtering.................................... Enabled
    AAA Policy Override.............................. Enabled
    Maximum number of Associated Clients............. 0
    Number of Active Clients......................... 0
    Exclusionlist Timeout............................ 60 seconds
    Session Timeout.................................. 86400 seconds
    User Idle Timeout................................ 300 seconds
    User Idle Threshold.............................. 0 Bytes
    NAS-identifier................................... XXX-XXXXXX
    Webauth DHCP exclusion........................... Disabled
    Interface........................................ homeoffice
    Remote LAN ACL................................... unconfigured
    DHCP Server...................................... Default
    DHCP Address Assignment Required................. Enabled
    PMIPv6 Mobility Type............................. none
    Radius Servers
       Authentication................................ 10.65.30.220 1812
       Authentication................................ 10.65.30.221 1812
       Accounting.................................... 10.65.30.220 1813
       Accounting.................................... 10.65.30.221 1813
          Interim Update............................. Disabled
       Dynamic Interface............................. Disabled
       Dynamic Interface Priority.................... wlan
    Local EAP Authentication......................... Disabled
    Security
       802.1X........................................ Disabled
       Web Based Authentication...................... Disabled
       Web-Passthrough............................... Disabled
    AVC Visibilty.................................... Disabled
    AVC Profile Name................................. None
    Flow Monitor Name................................ None
    802.11u........................................ Disabled
    MSAP Services.................................. Disabled

  • E1200 - Ports not working and mac filtering problem

    If there was a way to give negative stars to this router, I would. As it is, the minimum rating I can give this product is one star, and that's one star too many.
    I was upgrading from the WRT54G, which is an ugly thing to look at, but a reliable workhorse nonetheless. I turned that in to a downstream switch in my comms hub.
    On the E1200, I flashed the latest firmware, used different Cat5 cables, and different laptops before committing to hating this product.
    The first time I reached out to Amazon, the Amazon rep gave me a Cisco number to call. Turns out, that's some shady mortgage refinance hotline. Try it for yourself! 1-800-666-1771.
    Now, the rant -
    1. Two out of four wired LAN ports don't work: What can be the fix for this?! The activity lights on ports 3 and 4 blink and suggest data transfer is taking place, but the wired laptop simply can't acquire an IP address and access the internet. Same result when I connect my Panasonic Blu-Ray player to ports 3 and 4. None of the Viera Cast features load.
    2. MAC filtering unreliable: The wireless routing works somewhat reliably, if and only if, one settles for the most basic security. If I only choose a password and WPA2 protocol, things work fine. If I add another layer of security (in my case, enabling MAC filtering and only PERMITTING gateway to listed MAC IDs), things break down. As soon as I disable MAC filtering, wireless access to authenticated clients is restored.
    3. Cisco customer service: The censored world we live in, compels me to criticize politely. TERRIBLE. Cisco website is unintuitive, and frustrating. There's no easy way to register your purchased product. The Cisco "registration" is intentionally misleading and deceptive. For all intents and purposes, it's just an information gathering tool for Cisco. Don't bother registering there, unless you love the idea of storing your personal information on their servers. Their phone-based customer service is apathetic and uninterested. My rep was so distrusting of my intelligence and motor control, that he simply wouldn't believe that I had selected "PERMIT" and not "PREVENT" as the option under MAC filtering. After he asked me the same question for the fourth time, I raised my voice, and he gave up the idea of checking for the fifth time.
    However, this review is a tale of two companies. I reached out to Amazon again. This time, I got a rockstar in the shape of Leanne C! She was incredibly helpful, and understanding. What's more, she set up my return without any hassle and this Cisco dud is on its way back. I'm a big fan of Leanne's and my confidence in Amazon is restored.
    I'm sure that i received a lemon. I've never had problems with Linksys products. Maybe others' experience is different from mine.

    In your case as port numbers 1 and 2 does not work, what you could have done a loop back test. To perform a loop back test you need to take an ethernet cable, connect one end of that cable to internet port and the other end to the non-working port on the router. If you get the led to glow on both internet and the respective ethernet port that indicates that the port is working fine.
    It could also be a sychronization issue between the above mentioned lan ports and the lan card of your computer. As a part of trouble shooting you can try to reduce the card speed of your lan card. Following are the steps to reduce the speed of your lan card.
    START--> right-click My Network Places and click Properties
    right-click on the device manager and click properties
    Click on the CONFIGURE button
    Select the ADVANCED tab and in the box under the header property select "speed and duplex" and change the value on the right to 10 mbps half duplex. A restart would be recommended after performing these steps.
    In the second half you said that after enabling the mac filter option the internet breaks down. Here, do you mean to say that the computer
    gets disconnected from the wireless network or it stays connected with a valid IP address but without an internet connection.
    Well, it is an unusual issue however you could have reset and reconfigure the router as you got the latest firmware upgraded on it.
    Steps to reset the router:
    Push the reset button on router for 30 seconds, turn off the router wait for 30 seconds and then power it on. Power light should blink when you perform the reset process.

  • WLC 5760 - MAC Filtering wireless clients

    Hi,
    Does anyone ever deployed mac-filtering authentication to wireless clients in the WLC 5760?
    I've configured a WLAN for Mac-filtering authentication only (named it as "macauth"):
    wlan RNVDOS 4 RNVDOS
    aaa-override
    no broadcast-ssid
    client vlan RNVDOS
    mac-filtering macauth
    no security wpa
    no security wpa akm dot1x
    no security wpa wpa2
    no security wpa wpa2 ciphers aes
    session-timeout 1800
    no shutdown
    Then, below Configuration->Security->MAC Filtering I've added several MAC addresses i.e. :
    MAC Address: 88532e9ef70a  Attribute List: macauth
    Which turned out to be display in the CLI as:
    username 88532e9ef70a mac aaa attribute list macauth
    The problem is that whenever I try to associate the wireless client 88532e9ef70a, the client passes to the exclusion list.:
    Sep 16 10:54:55.603: 8853.2E9E.F70A Adding mobile on LWAPP AP  0C68.03EA.4070 (1)  1 wcm: E9E.F70A (.t^GwtSessionID: 0afe01fbtQ^GwH^Cnz^Gw00dd) was added to ^G$h\225v^K
    Sep 16 10:54:55.603: 8853.2E9E.F70A  Creating WL station entry for client -  rc 0 1 wcm:
    Sep 16 10:54:55.603: 8853.2E9E.F70A Association received from mobile on AP  0C68.03EA.4070  1 wcm: (.t^GwtSessionID: 0afe01fbtQ^GwH^Cnz^Gw00dd) was added to ^G$h\225v^K
    Sep 16 10:54:55.603: 8853.2E9E.F70A qos upstream policy is unknown and downstream policy is unknown 1 wcm: ssionID: 0afe01fbtQ^GwH^Cnz^Gw00dd) was added to ^G$h\225v^K
    Sep 16 10:54:55.603: 8853.2E9E.F70A apChanged 0 wlanChanged 0 mscb ipAddr 0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0 1 wcm: H^Cnz^Gw00dd) was added to ^G$h\225v^K
    Sep 16 10:54:55.603: 8853.2E9E.F70A Applying WLAN policy on MSCB. 1 wcm:  ipAddr 0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:55.603: 8853.2E9E.F70A Applying WLAN ACL policies to client 1 wcm:  0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:55.603: 8853.2E9E.F70A No Interface ACL used for Wireless client in WCM(NGWC) 1 wcm: usOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:55.603: 8853.2E9E.F70A Applying site-specific IPv6 override for station  8853.2E9E.F70A  - vapId 4, site 'renova', interface 'RNVDOS' 1 wcm:  ^G$h\225v^K
    Sep 16 10:54:55.603: 8853.2E9E.F70A Applying local bridging Interface Policy for station  8853.2E9E.F70A  - vlan 4, interface 'RNVDOS' 1 wcm: ce 'RNVDOS'
    Sep 16 10:54:55.603: 8853.2E9E.F70A Applying site-specific override for station  8853.2E9E.F70A  - vapId 4, site 'renova', interface 'RNVDOS' 1 wcm: DOS'
    Sep 16 10:54:55.603: 8853.2E9E.F70A STA - rates (8): 1 wcm:  140 18 152 36 176 72 96 108 0 0 0 0 0 0 0 0
    Sep 16 10:54:55.603: 8853.2E9E.F70A new capwap_wtp_iif_id a45d40000000a5, sm capwap_wtp_iif_id 0 1 wcm: - vapId 4, site 'renova', interface 'RNVDOS'
    Sep 16 10:54:55.603: 8853.2E9E.F70A apfProcessAssocReq (apf_80211.c: 1 wcm: 5137) Changing state for mobile  8853.2E9E.F70A  on AP  0C68.03EA.4070  from Idle to AAA Pending
    Sep 16 10:54:55.603: 8853.2E9E.F70A Scheduling deletion of Mobile Station: 1 wcm:   (callerId: 20) in 10 seconds
    Sep 16 10:54:55.604: 8853.2E9E.F70A
    client incoming attribute size are 0 1 wcm:   (callerId: 20) in 10 seconds
    Sep 16 10:54:55.604: 8853.2E9E.F70A Sending Assoc Response to station on BSSID  0C68.03EA.4070  (status 256) ApVapId 2 Slot 1 1 wcm: 68.03EA.4070  from Idle to AAA Pending
    Sep 16 10:54:55.604: 8853.2E9E.F70A apfProcessRadiusAssocResp (apf_80211.c: 1 wcm: 2149) Changing state for mobile  8853.2E9E.F70A  on AP  0C68.03EA.4070  from AAA Pending to Authenticated
    Sep 16 10:54:55.604: 8853.2E9E.F70A Scheduling deletion of Mobile Station: 1 wcm:   (callerId: 18) in 10 seconds
    Sep 16 10:54:55.813: 8853.2E9E.F70A Association received from mobile on AP  0C68.03EA.4070  1 wcm: n.t^Gwseconds
    Sep 16 10:54:55.813: 8853.2E9E.F70A qos upstream policy is unknown and downstream policy is unknown 1 wcm: onds
    Sep 16 10:54:55.813: 8853.2E9E.F70A apChanged 0 wlanChanged 0 mscb ipAddr 0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0 1 wcm: H^Cnz^Gw  0C68.03EA.4070  f^G$h\225v^K
    Sep 16 10:54:55.813: 8853.2E9E.F70A Applying WLAN policy on MSCB. 1 wcm:  ipAddr 0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:55.813: 8853.2E9E.F70A Applying WLAN ACL policies to client 1 wcm:  0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:55.813: 8853.2E9E.F70A No Interface ACL used for Wireless client in WCM(NGWC) 1 wcm: usOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:55.813: 8853.2E9E.F70A Applying site-specific IPv6 override for station  8853.2E9E.F70A  - vapId 4, site 'renova', interface 'RNVDOS' 1 wcm: f^G$h\225v^K
    Sep 16 10:54:55.813: 8853.2E9E.F70A Applying local bridging Interface Policy for station  8853.2E9E.F70A  - vlan 4, interface 'RNVDOS' 1 wcm: ce 'RNVDOS'
    Sep 16 10:54:55.813: 8853.2E9E.F70A Applying site-specific override for station  8853.2E9E.F70A  - vapId 4, site 'renova', interface 'RNVDOS' 1 wcm: DOS'
    Sep 16 10:54:55.813: 8853.2E9E.F70A STA - rates (8): 1 wcm:  140 18 152 36 176 72 96 108 0 0 0 0 0 0 0 0
    Sep 16 10:54:55.813: 8853.2E9E.F70A new capwap_wtp_iif_id a45d40000000a5, sm capwap_wtp_iif_id 0 1 wcm: - vapId 4, site 'renova', interface 'RNVDOS'
    Sep 16 10:54:55.813: 8853.2E9E.F70A apfProcessAssocReq (apf_80211.c: 1 wcm: 5137) Changing state for mobile  8853.2E9E.F70A  on AP  0C68.03EA.4070  from Authenticated to AAA Pending
    Sep 16 10:54:55.813: 8853.2E9E.F70A Scheduling deletion of Mobile Station: 1 wcm:   (callerId: 20) in 10 seconds
    Sep 16 10:54:55.814: 8853.2E9E.F70A
    client incoming attribute size are 0 1 wcm:   (callerId: 20) in 10 seconds
    Sep 16 10:54:55.814: 8853.2E9E.F70A Sending Assoc Response to station on BSSID  0C68.03EA.4070  (status 256) ApVapId 2 Slot 1 1 wcm: 68.03EA.4070  from Authenticated to AAA Pending
    Sep 16 10:54:55.814: 8853.2E9E.F70A apfProcessRadiusAssocResp (apf_80211.c: 1 wcm: 2149) Changing state for mobile  8853.2E9E.F70A  on AP  0C68.03EA.4070  from AAA Pending to Authenticated
    Sep 16 10:54:55.814: 8853.2E9E.F70A Scheduling deletion of Mobile Station: 1 wcm:   (callerId: 18) in 10 seconds
    Sep 16 10:54:56.520: 8853.2E9E.F70A Association received from mobile on AP  0C68.03EA.4070  1 wcm: n.t^Gwseconds
    Sep 16 10:54:56.520: 8853.2E9E.F70A qos upstream policy is unknown and downstream policy is unknown 1 wcm: onds
    Sep 16 10:54:56.520: 8853.2E9E.F70A apChanged 0 wlanChanged 0 mscb ipAddr 0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0 1 wcm: H^Cnz^Gw  0C68.03EA.4070  f^G$h\225v^K
    Sep 16 10:54:56.520: 8853.2E9E.F70A Applying WLAN policy on MSCB. 1 wcm:  ipAddr 0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:56.520: 8853.2E9E.F70A Applying WLAN ACL policies to client 1 wcm:  0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:56.520: 8853.2E9E.F70A No Interface ACL used for Wireless client in WCM(NGWC) 1 wcm: usOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:56.520: 8853.2E9E.F70A Applying site-specific IPv6 override for station  8853.2E9E.F70A  - vapId 4, site 'renova', interface 'RNVDOS' 1 wcm: f^G$h\225v^K
    Sep 16 10:54:56.520: 8853.2E9E.F70A Applying local bridging Interface Policy for station  8853.2E9E.F70A  - vlan 4, interface 'RNVDOS' 1 wcm: ce 'RNVDOS'
    Sep 16 10:54:56.520: 8853.2E9E.F70A Applying site-specific override for station  8853.2E9E.F70A  - vapId 4, site 'renova', interface 'RNVDOS' 1 wcm: DOS'
    Sep 16 10:54:56.520: 8853.2E9E.F70A STA - rates (8): 1 wcm:  140 18 152 36 176 72 96 108 0 0 0 0 0 0 0 0
    Sep 16 10:54:56.520: 8853.2E9E.F70A new capwap_wtp_iif_id a45d40000000a5, sm capwap_wtp_iif_id 0 1 wcm: - vapId 4, site 'renova', interface 'RNVDOS'
    Sep 16 10:54:56.520: 8853.2E9E.F70A apfProcessAssocReq (apf_80211.c: 1 wcm: 5137) Changing state for mobile  8853.2E9E.F70A  on AP  0C68.03EA.4070  from Authenticated to AAA Pending
    Sep 16 10:54:56.520: 8853.2E9E.F70A Scheduling deletion of Mobile Station: 1 wcm:   (callerId: 20) in 10 seconds
    Sep 16 10:54:56.521: 8853.2E9E.F70A
    client incoming attribute size are 0 1 wcm:   (callerId: 20) in 10 seconds
    Sep 16 10:54:56.521: 8853.2E9E.F70A Sending Assoc Response to station on BSSID  0C68.03EA.4070  (status 256) ApVapId 2 Slot 1 1 wcm: 68.03EA.4070  from Authenticated to AAA Pending
    Sep 16 10:54:56.521: 8853.2E9E.F70A apfProcessRadiusAssocResp (apf_80211.c: 1 wcm: 2149) Changing state for mobile  8853.2E9E.F70A  on AP  0C68.03EA.4070  from AAA Pending to Authenticated
    Sep 16 10:54:56.521: 8853.2E9E.F70A Scheduling deletion of Mobile Station: 1 wcm:   (callerId: 18) in 10 seconds
    Sep 16 10:54:56.729: 8853.2E9E.F70A Association received from mobile on AP  0C68.03EA.4070  1 wcm: n 10 seconds
    Sep 16 10:54:56.729: 8853.2E9E.F70A qos upstream policy is unknown and downstream policy is unknown 1 wcm: onds
    Sep 16 10:54:56.729: 8853.2E9E.F70A apChanged 0 wlanChanged 0 mscb ipAddr 0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0 1 wcm: A  on AP  0C68.03EA.4070  from AAA Pending to Authenticated
    Sep 16 10:54:56.729: 8853.2E9E.F70A Applying WLAN policy on MSCB. 1 wcm:  ipAddr 0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:56.729: 8853.2E9E.F70A Applying WLAN ACL policies to client 1 wcm:  0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:56.729: 8853.2E9E.F70A No Interface ACL used for Wireless client in WCM(NGWC) 1 wcm: usOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:56.729: 8853.2E9E.F70A Applying site-specific IPv6 override for station  8853.2E9E.F70A  - vapId 4, site 'renova', interface 'RNVDOS' 1 wcm: from AAA Pending to Authenticated
    Sep 16 10:54:56.729: 8853.2E9E.F70A Applying local bridging Interface Policy for station  8853.2E9E.F70A  - vlan 4, interface 'RNVDOS' 1 wcm: ce 'RNVDOS'
    Sep 16 10:54:56.729: 8853.2E9E.F70A Applying site-specific override for station  8853.2E9E.F70A  - vapId 4, site 'renova', interface 'RNVDOS' 1 wcm: DOS'
    Sep 16 10:54:56.729: 8853.2E9E.F70A STA - rates (8): 1 wcm:  140 18 152 36 176 72 96 108 0 0 0 0 0 0 0 0
    Sep 16 10:54:56.729: 8853.2E9E.F70A new capwap_wtp_iif_id a45d40000000a5, sm capwap_wtp_iif_id 0 1 wcm: - vapId 4, site 'renova', interface 'RNVDOS'
    Sep 16 10:54:56.729: 8853.2E9E.F70A apfProcessAssocReq (apf_80211.c: 1 wcm: 5137) Changing state for mobile  8853.2E9E.F70A  on AP  0C68.03EA.4070  from Authenticated to AAA Pending
    Sep 16 10:54:56.729: 8853.2E9E.F70A Scheduling deletion of Mobile Station: 1 wcm:   (callerId: 20) in 10 seconds
    Sep 16 10:54:56.730: 8853.2E9E.F70A
    client incoming attribute size are 0 1 wcm:   (callerId: 20) in 10 seconds
    Sep 16 10:54:56.730: 8853.2E9E.F70A Sending Assoc Response to station on BSSID  0C68.03EA.4070  (status 256) ApVapId 2 Slot 1 1 wcm: 68.03EA.4070  from Authenticated to AAA Pending
    Sep 16 10:54:56.730: 8853.2E9E.F70A apfProcessRadiusAssocResp (apf_80211.c: 1 wcm: 2149) Changing state for mobile  8853.2E9E.F70A  on AP  0C68.03EA.4070  from AAA Pending to Authenticated
    Sep 16 10:54:56.730: 8853.2E9E.F70A Scheduling deletion of Mobile Station: 1 wcm:   (callerId: 18) in 10 seconds
    Sep 16 10:54:56.937: 8853.2E9E.F70A Association received from mobile on AP  0C68.03EA.4070  1 wcm: n.t^Gwseconds
    Sep 16 10:54:56.937: 8853.2E9E.F70A qos upstream policy is unknown and downstream policy is unknown 1 wcm: onds
    Sep 16 10:54:56.937: 8853.2E9E.F70A apChanged 0 wlanChanged 0 mscb ipAddr 0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0 1 wcm: H^Cnz^Gw  0C68.03EA.4070  f^G$h\225v^K
    Sep 16 10:54:56.937: 8853.2E9E.F70A Applying WLAN policy on MSCB. 1 wcm:  ipAddr 0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:56.937: 8853.2E9E.F70A Applying WLAN ACL policies to client 1 wcm:  0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:56.937: 8853.2E9E.F70A No Interface ACL used for Wireless client in WCM(NGWC) 1 wcm: usOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:56.937: 8853.2E9E.F70A Applying site-specific IPv6 override for station  8853.2E9E.F70A  - vapId 4, site 'renova', interface 'RNVDOS' 1 wcm: f^G$h\225v^K
    Sep 16 10:54:56.937: 8853.2E9E.F70A Applying local bridging Interface Policy for station  8853.2E9E.F70A  - vlan 4, interface 'RNVDOS' 1 wcm: ce 'RNVDOS'
    Sep 16 10:54:56.937: 8853.2E9E.F70A Applying site-specific override for station  8853.2E9E.F70A  - vapId 4, site 'renova', interface 'RNVDOS' 1 wcm: DOS'
    Sep 16 10:54:56.937: 8853.2E9E.F70A STA - rates (8): 1 wcm:  140 18 152 36 176 72 96 108 0 0 0 0 0 0 0 0
    Sep 16 10:54:56.937: 8853.2E9E.F70A new capwap_wtp_iif_id a45d40000000a5, sm capwap_wtp_iif_id 0 1 wcm: - vapId 4, site 'renova', interface 'RNVDOS'
    Sep 16 10:54:56.937: 8853.2E9E.F70A apfProcessAssocReq (apf_80211.c: 1 wcm: 5137) Changing state for mobile  8853.2E9E.F70A  on AP  0C68.03EA.4070  from Authenticated to AAA Pending
    Sep 16 10:54:56.937: 8853.2E9E.F70A Scheduling deletion of Mobile Station: 1 wcm:   (callerId: 20) in 10 seconds
    Sep 16 10:54:56.937: 8853.2E9E.F70A
    client incoming attribute size are 0 1 wcm:   (callerId: 20) in 10 seconds
    Sep 16 10:54:56.937: 8853.2E9E.F70A Sending Assoc Response to station on BSSID  0C68.03EA.4070  (status 256) ApVapId 2 Slot 1 1 wcm: 68.03EA.4070  from Authenticated to AAA Pending
    Sep 16 10:54:56.937: 8853.2E9E.F70A apfProcessRadiusAssocResp (apf_80211.c: 1 wcm: 2149) Changing state for mobile  8853.2E9E.F70A  on AP  0C68.03EA.4070  from AAA Pending to Authenticated
    Sep 16 10:54:56.937: 8853.2E9E.F70A Scheduling deletion of Mobile Station: 1 wcm:   (callerId: 18) in 10 seconds
    Sep 16 10:54:57.143: 8853.2E9E.F70A Association received from mobile on AP  0C68.03EA.4070  1 wcm: n.t^Gwseconds
    Sep 16 10:54:57.143: 8853.2E9E.F70A qos upstream policy is unknown and downstream policy is unknown 1 wcm: onds
    Sep 16 10:54:57.143: 8853.2E9E.F70A apChanged 1 wlanChanged 0 mscb ipAddr 0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0 1 wcm: H^Cnz^Gw  0C68.03EA.4070  f^G$h\225v^K
    Sep 16 10:54:57.143: 8853.2E9E.F70A Applying WLAN policy on MSCB. 1 wcm:  ipAddr 0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:57.143: 8853.2E9E.F70A Applying WLAN ACL policies to client 1 wcm:  0.0.0.0, apf RadiusOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:57.143: 8853.2E9E.F70A No Interface ACL used for Wireless client in WCM(NGWC) 1 wcm: usOverride 0x0, numIPv6Addr=0
    Sep 16 10:54:57.143: 8853.2E9E.F70A Applying site-specific IPv6 override for station  8853.2E9E.F70A  - vapId 4, site 'renova', interface 'RNVDOS' 1 wcm: f^G$h\225v^K
    Sep 16 10:54:57.143: 8853.2E9E.F70A Applying local bridging Interface Policy for station  8853.2E9E.F70A  - vlan 4, interface 'RNVDOS' 1 wcm: ce 'RNVDOS'
    Sep 16 10:54:57.143: 8853.2E9E.F70A Applying site-specific override for station  8853.2E9E.F70A  - vapId 4, site 'renova', interface 'RNVDOS' 1 wcm: DOS'
    Sep 16 10:54:57.143: 8853.2E9E.F70A STA - rates (8): 1 wcm:  130 132 139 150 12 18 24 36 0 0 0 0 0 0 0 0
    Sep 16 10:54:57.143: 8853.2E9E.F70A STA - rates (12): 1 wcm:  130 132 139 150 12 18 24 36 48 72 96 108 0 0 0 0
    Sep 16 10:54:57.144:  8853.2E9E.F70A  0.0.0.0 START (0) Deleted mobile LWAPP rule on AP [ 0C68.03EA.4070 ] 1 wcm:  site 'renova', interface 'RNVDOS'
    Sep 16 10:54:57.144: 8853.2E9E.F70A Updated location for station old AP  0C68.03EA.4070 -1, new AP  0C68.03EA.4070 -0 1 wcm: va', interface 'RNVDOS'
    Sep 16 10:54:57.144: 8853.2E9E.F70A new capwap_wtp_iif_id a45d40000000a5, sm capwap_wtp_iif_id 0 1 wcm: P  0C68.03EA.4070 -0
    Sep 16 10:54:57.144: 8853.2E9E.F70A apfProcessAssocReq (apf_80211.c: 1 wcm: 5137) Changing state for mobile  8853.2E9E.F70A  on AP  0C68.03EA.4070  from Authenticated to AAA Pending
    Sep 16 10:54:57.144: 8853.2E9E.F70A Scheduling deletion of Mobile Station: 1 wcm:   (callerId: 20) in 10 seconds
    Sep 16 10:54:57.144: 8853.2E9E.F70A
    client incoming attribute size are 0 1 wcm:   (callerId: 20) in 10 seconds
    Sep 16 10:54:57.145: 8853.2E9E.F70A Sending Assoc Response to station on BSSID  0C68.03EA.4070  (status 256) ApVapId 2 Slot 0 1 wcm: 68.03EA.4070  from Authenticated to AAA Pending
    Sep 16 10:54:57.145: 8853.2E9E.F70A apfBlacklistMobileStationEntry2 (apf_ms.c: 1 wcm: 6129) Changing state for mobile  8853.2E9E.F70A  on AP  0C68.03EA.4070  from AAA Pending to Exclusion-list (1)
    Sep 16 10:54:57.145: 8853.2E9E.F70A Scheduling deletion of Mobile Station: 1 wcm:   (callerId: 44) in 10 seconds
    Sep 16 10:54:57.145: 8853.2E9E.F70A client is added to the exclusion list, reason 1 1 wcm: d: 44) in 10 seconds
    Sep 16 10:54:57.145: *apfReceiveTask: 1 wcm:  %APF-4-ADD_TO_BLACKLIST_REASON: Client 8853.2E9E.F70A (AuditSessionID: 0afe01fb5236e37f000000de) was added to exclusion list. Reason: 802.11 association failure 
    Sep 16 10:54:57.836: 8853.2E9E.F70A Ignoring assoc request due to mobile in exclusion list or marked for deletion  1 wcm: fbtQ^GwH^Cnz^Gw00de) was added to ^G$h\225v^K
    Sep 16 10:54:58.533: 8853.2E9E.F70A Ignoring assoc request due to mobile in exclusion list or marked for deletion  1 wcm: fbtQ^GwH^Cnz^Gw00de) was added to ^G$h\225v^K
    Sep 16 10:54:59.231: 8853.2E9E.F70A Ignoring assoc request due to mobile in exclusion list or marked for deletion  1 wcm: fbtQ^GwH^Cnz^Gw00de) was added to ^G$h\225v^K
    Sep 16 10:54:59.922: 8853.2E9E.F70A Ignoring assoc request due to mobile in exclusion list or marked for deletion  1 wcm: fbtQ^GwH^Cnz^Gw00de) was added to ^G$h\225v^K
    Sep 16 10:55:06.972: 8853.2E9E.F70A apfMsExpireCallback (apf_ms.c: 1 wcm: 664) Expiring Mobile!
    Sep 16 10:55:06.972: 8853.2E9E.F70A Scheduling deletion of Mobile Station: 1 wcm:   (callerId: 46) in 60 seconds
    Sep 16 10:55:06.972: 8853.2E9E.F70A apfMsExpireMobileStation (apf_ms.c: 1 wcm: 7067) Changing state for mobile  8853.2E9E.F70A  on AP  0C68.03EA.4070  from Exclusion-list (1) to Exclusion-list (2)
    Sep 16 10:55:06.972:  8853.2E9E.F70A  0.0.0.0 START (0) Deleted mobile LWAPP rule on AP [ 0C68.03EA.4070 ] 1 wcm: 3.2E9E.F70A  on AP  0C68.03EA.4070  from Exclusion-list (1) to Exclusion-list (2)
    Sep 16 10:55:06.972:  8853.2E9E.F70A  0.0.0.0 START (0) FastSSID for the client [ 0C68.03EA.4070 ] NOTENABLED 1 wcm: E9E.F70A  on AP  0C68.03EA.4070  from Exclusion-list (1) to Exclusion-list (2)
    Sep 16 10:55:06.972: 8853.2E9E.F70A Incrementing the Reassociation Count 1 for client (of interface RNVDOS) 1 wcm: D
    Sep 16 10:55:06.972: 8853.2E9E.F70A Clearing Dhcp state for station  ---  1 wcm:  for client (of interface RNVDOS)
    WLC1#
    WLC1#
    Kind Regards,
    Vasco

    Hi Patrick,
    Thank you for sharing your solution. It didn't solved entirely the problem but you pointed to the right direction!
    They are caused, because the system searches for an aaa authorization list, which is not configured.
    To resolve this configure the following
    aaa authorization network mac-filter local
    where mac-filter is the name you defined in the SSID.
    I've used your sugestion to create an aaa local authorization list but instead of naming it with the SSID, I've used the name of the attribute list ( macauth ) and it solved the problem:
    aaa authorization network macauth local
    username 88532e9ef70a mac aaa attribute list macauth
    wlan RNVDOS 4 RNVDOS
    client vlan RNVDOS
    mac-filtering macauth
    WLC1#sh wireless client summ
    Number of Local Clients : 1
    MAC Address    AP Name                          WLAN State              Protocol
    8853.2e9e.f70a APf872.ead7.31da                 4    UP                 11n(5)  
    Cheers,
    Vasco

  • Itunes is knocking out the cd drive on my compaq

    I have tried installing itunes onto my compaq several times however it will not install without knocking out my cd drive and as I use this to play DVDs (in the absence of a TV) it's not a viable option for me. Can anyone out there help before I sell my ipod on ebay Thanks, Caroline.

    Have you tried the following document with that one, Caroline?
    [iTunes for Windows XP: Troubleshooting CD issues caused by device filters|http://support.apple.com/kb/TS1717]

  • Wlc 2006 mac filtering

    I would like to allow client to access wireless lan based on the client mac-address.
    How I config it on WLC 2006 locally (not using radius server)? If yes, How mnay mac-address can be configured on the wlc2006?
    Thanks.
    Douglas

    Hi Douglas,
    Just wanted to add a note to Ankurs good info;
    Maximum MAC Filter Entries
    The controller database can contain up to 2048 MAC filter entries for local netusers. The default value is 512. To support up to 2048 entries, you must enter this command in the controller CLI:
    config database size MAC_filter_entry
    where MAC_filter_entry is a value from 512 to 2048.
    From this good doc;
    http://www.cisco.com/en/US/products/ps6366/prod_release_note09186a0080813b1c.html#wp42756
    MAC Filtering
    http://www.cisco.com/en/US/products/ps6366/products_user_guide_chapter09186a00805a6ad0.html#wp1040588
    Hope this helps!
    Rob

  • Aironet 600 with Mac Filtering and a switch..

    How does the Aironet 600 handle Mac Filtering if I were to connect a switch to port 4 on the back ("Secured" network port). Does it authenticate each MAC or does it do somthing similar to how 802.1x with multi-host works, the first mac authenticates and then the port's wide open? My use-case here is a printer at a remote home-office. The printer doesn't have a supplicant in it so I need to use mac filtering. Thanks.

    MAC authentication is all I use for my OutStationed workers.  No wifi, just the rlan.  Since the rlan is configured for DHCP only, no IP gets passed until MAC auth occurs.
    When Cisco packaged this up, they said 4 is enough..  IF you use an un-managed (non-cisco) switch. 
    I had a need for 2 workstations and 2 digiports..  SOP sys a managed switch..  oops.  the switch consumed 2 MAC's right off the top.. 1 for itself and 1 for each vlan.
    After enablilng 2 rlans, and configuring a pair on different networks, we discovered that they were bridged in the 602 (or somewhere).
    We ended up switching out the 602 for an ASA5505

  • Guest and E4200 - Mac Filtering

    I have an e4200 v1. I have figured out that if mac filtering is enabled, the guest feature will only work if the mac adapter of the guest client is added to the list of allowed mac filters.
    Doesnt adding a mac filter for guests defeat the whole purpose of the guest account? I find this very annoying. Does somebody know of a way to get this to work?

    Don't use the wireless mac filter. It won't provide security anyway. Use WPA2 with AES and a strong passphrase.

  • Web Auth with Mac Filtering

    I am trying to setup a scenario where a user logs in via Web Auth and witha  successfull connection the Mac Address is remembered for 7 days. That way if the user connects again during the course of 7 days they aren't required to authenticate via web auth again they just get access. After 7 days they will need to login again through the web auth. Similar scenario to what you see at a Hotel wireless network. Anyone know how I would go about setting up the dyanmic mac filtering and set the timer for 7 days? With that said I want it to be for a single SSID.

    well, it's not possible with just the WLC.
    You can do it, but you need to have a way to pull the MAC address from the webauth page, and insert that into a LDAP db, which you control the age out process in.
    Then on a subsequent visits they get mac-authed instead of having to re-accept the page.
    in the webauth config you would check the On MAC filter failure box.
    HTH,
    Steve
    Please remember to rate useful posts, and mark questions as answered

  • E1200 - browser utility cannot set up MAC filtering

    The browser-based settings utility for my E1200 can't setup MAC address filtering. I go to the "Wireless MAC Filter" page and enable MAC filtering.
    When I click the “wireless client list” button, a new window opens saying “IE cannot display the webpage”. This always happens when I have a wireless connection active.
    When there are no active connections, then IE properly displays the MAC address table, but it is empty since there aren't any computers connected to the router.
    Does anyone have a fix for this?

    greencross:
    "This. Just write down the MAC addresses of the devices you want to filter and input them manually. And just as gv said, MAC address filtering is useless if you want to hackproof your network. There are tons of sniffing / spoofing software out there to get around it."
    Yeah, I saw that he wrote that, but I want the wireless client list feature to work.
    As I understand the situation, the E1200 firmware has an entirely useless feature, but even if it wasn't useless, it wouldn't matter, because it doesn't work the way it's supposed to anyway!

  • WRT54G mac filtering problem

    I have a WRT54GS with WEP security enabled hard wired to a local PC, a laptop working on a wireless link, an XBOX 360 on a wireles link and a DS lite.
    When I enable mac filtering the XBOX stops working even though I have the mac addresses of both the XBOX and the wireless adapter in the mac address table (everything else works fine including the DS!). I've checked and double checked the mac addresses of all of my equipment and they're all correct. (Everything including the XBOX work fine with the mac address filtering disabled, the wireless adapter connected to the XBOX is also a Linksys ****11B (I can't remember the full code and my son is in bed now)).
    TIA

    Try lansurfer or netscan, lan scanning softwares

  • Mac can't see new printer-told to Disable Airport Extreme Firewall and Mac Filtering...

    I have a new Epson WF-3520 AIO printer. I run Mac on OS X 10.5.7.  The printer appears to be properly set up to run wirelessly but it doesn't show up as a choice to be added to my list of available printers.  My Mac just doesn't see it.  After trying many things Epson's tech support told me to call Apple and find out how to disable the Airport Extreme's firewall as well as Mac Filtering.  I went into the Airport's utility and just got lost in knowing exactly what steps I need to take to do this.  Also, I'm somewhat dubious that this is really what needs to be done in the first place and I'm wondering if he simply wanted to get off the phone....  All advice welcome!  Thanks. Stephanie

    Forget it.... My suspicion was correct.  I was talking to an idiot.  Problem resolved by me.  Unrelated to Airport.
    Forgot to install a piece of software... duh!!!

  • MacBook Pro and Leopard knock out my wireless network

    I am new to Mac, just having purchased the MacBook Pro with Leopard 10.5.1. installed. I have a Netgear WPN824 router that works perfectly with windows based computers. I use WEP 64 bit security. The MacBook connected with no problem and surfs the web fine until I try to download certain files on the MacBook (such as the HP drivers for my all in one printer) or try certain video feeds online , such as a cnn video. The download not only stops midstream but actually knocks out my entire network causing me to have to unplug my cable modem and router and restart everything. This is a real problem. Does anyone have a clue why this is happening? I can download the same files on a Windows laptop with no problem. Help.

    Hmm. It might not be the MBP. Are you using Safari? I've noticed that Safari at times is incompatible with many websites. Try downloading Firefox and try the same downloads.

  • Knocking out a shape

    Using CS3 on a Mac 10.4.11
    I can do this easily in Illustrator - using Pathfinder - but I'm stumped on how to do it in Photoshop
    I have a solid colour rectangle which is a shape layer; from a photo I cut out the figure of a person, and I want to knock out the silhouette of the person into the rectangle so that I have a person-shaped-hole in the rectangle
    Is it simple and I've overlooked something?

    Layer Mask. And you can turn a selection of the outline of the figure into a Path and subtract it from the Vector Mask path if need be.

Maybe you are looking for

  • Using MPEG Streamclip for Mac. Help me if you can

    Hi, I've found out about MPEG Streamclip in Apple Discussions. I opened Streamclip for the first time and converted an .mpg file to .mov file by clicking File>Export to Quicktime. It successfully converted quickly and I opened it w/ Quicktime and was

  • ODBC Driver-specific TNSName issue

    I seem to be having a problem resolving TNSnames frm a local TNS file that is unique to the ODBC driver and would appreciate suggestions. I have Oracle Client 10.2.0.3 and the like-versioned ODBC driver, on Windows Vista SP1. We are configured to use

  • Nautilus Crashes Gnome-Shell

    Just upgraded to Gnome 3.6.1 today, and for some reason now every time I open Nautilus, gnome-shell and mutter crash then reopen, and I can continue as normal.  If I open and close nautilus three times, gnome crashes, disables extensions, and sends m

  • HP Pavilion dv7-4280us recovery disk

    HP Pavilion dv7-4280us Entertainment Notebook PC Serial {Removed for privacy} Product number XZ027UAR#ABA US & Canada only Model DV7-4280US Hard disk HDO Toshiba MK7559GSXP 750GB Advanced format = YES Win 7 64-bit Home Premium is the original OS I ne

  • .cab files keep corrupting in Windows XP

    Hi all, I'm 3 days into trying to install CS3 onto an Xp system so, if you can help me resolve this, you're a genius in my book.  :-)   I keep getting .cab file corruption errors.  I think I've tried just about every trick I could find here in the fo