Blocking of complete Vendor MAC Address

Similar Messages

• WLC - How to block a single client MAC address?

  Hi Sir,
  On a WLC (software version 4.1.185.0), how to block a single client MAC address?
  I thought of using the SECURITY -> Disabled Clients. Is it right?
  There are currently 250 users connected to the WLC. MAC Filtering is not a scalable solution because as I understand it, we have to specify all the legitimate MAC addresses in the local database.
  Thank you.
  B.Rgds,
  Lim TS

  Hi Lim,
  As you have discovered, the Mac filtering on the WLC is an Allow (based on Mac address) rather than what you need which is a Deny (based on Mac address). I have not tried this feature but I think you are on the right track in using the Exclusion List (Blacklist) feature. Have a look;
  Use SECURITY > AAA > Disabled Client then click New or MONITOR > Clients then click Disable to navigate to this page.
  This page allows you to manually Exclusion List (blacklist) a client by MAC address.
  Add the MAC Address and an optional Client Description for the client to be disabled.
  Note When you enter a client MAC address to be disabled, the Operating System checks that the MAC address is not one of the known Local Net clients ( Local Net Users), Authorized clients ( MAC Filtering), or Local Management users ( Local Management Users) MAC addresses. If the entered MAC address is on one of these three lists, the Operating System does not allow the MAC address to be manually disabled.
  Hope this helps! Let us know.
  Rob

• WCS 7.0 Vendor mac-address list

  We are doing a study on our public WiFi to identfy client connections based on wireless Vendor.  about 40-50% of the clients wireless Vendors are "unknown".  Is there a way to update the list of Vendor mac-addresses in WCS?
  Regards
  Chris Kaufman

  I doubt there will be any further releases of WCS code, as it's been EOL.
  http://www.cisco.com/en/US/prod/collateral/wireless/ps5755/ps6301/ps6305/end_of_life_c51-556750.html
  You would need to work a migration to NCS at this point.
  HTH,
  Steve
  Please remember to rate useful posts, and mark questions as answered

• Block internet access by MAC address all the time

  I want to be able to block MAC addresses from accessing the internet but allow them to use the network.
  I can do this in other router interfaces but the BT Home Hub 2.0 has a VERY un user friendly interface and will not allow advanced internet access or other settings to be modifyed to suit my needs.
  I am at an intermediate level at understanding network equipment and an expert at residential networking.

  Not sure about the home hub 2, but on the home hub 1 you can use a "user defined" firewall setting to block access to a computer by specifying its IP address.
  Source LAN
  Interface 192.168.1.xxx  (address you wish to block)
  Destination WAN
  Service ANY
  Action Deny
  You can tell the home hub to always use this IP address for the device you are trying to block.
  There is probably a similar setting on the home hub 2.
  By default I block all Internet access for devices, then I have rules to allow HTTP, HTTPS, POP3 and a couple of others.
  I also have UpnP disabled.
  This prevents any computer on the network accessing any non-standard ports.
  There are some useful help pages here, for BT Broadband customers only, on my personal website.
  BT Broadband customers - help with broadband, WiFi, networking, e-mail and phones.

• Can iPhone 6 hotspot block unknown MAC addresses?

  i am somewhat concerned that someone can hack my iPhone 6 hotspot.
  is there a way to block devices with unknown MAC address from connecting to the hotspot?
  is such a feature available, feasible, desirable?
  anybody?
  regards

  Please anyone?

• Block Wired MAC addresses?

  WRT54g Version 5.0
  Firmware 1.02.8
  I have been able to figure out how to block Wireless MAC addresses, and that has been VERY helpful.
  ( Wireless Tab -> Wireless MAC filter -> Permit Only -> and so on.... )
  But I am cannot find out how to block certain wired based MAC addresses.  Is this possible?
  Solved!
  Go to Solution.

  Yes. With access restrictions.
  Of course, as MAC addresses are easily changed, cloned and detected on wireless connections (as MAC addresses are always transferred unencrypted) the wireless mac filter is useless for wireless security. On the wireless, use WPA2 Personal with AES and a strong passphrase. The wireless MAC filter won't make a difference in regard to your WPA2 protected wireless network.
  Same applies to wired devices and access restrictions. Of course, the difference with wired connections is that you have better control over you can plug into your router and who not...

• MAC Address List

  Just a quick question reaally,
  What is the maximum number of Mac addresses the 1130AG can hold?
  Thanks for any help.

  Hi John,
  Are you referring to Mac Filters? If so;
  Configuring and Enabling MAC Address Filters
  MAC address filters allow or disallow the forwarding of unicast and multicast packets either sent from or addressed to specific MAC addresses. You can create a filter that passes traffic to all MAC addresses except those you specify, or you can create a filter that blocks traffic to all MAC addresses except those you specify. You can apply the filters you create to either or both the Ethernet and radio ports and to either or both incoming and outgoing packets.
  Note: Using the CLI, you can configure up to 2,048 MAC addresses for filtering. Using the web-browser interface, however, you can configure only up to 43 MAC addresses for filtering.
  From this doc;
  http://www.cisco.com/en/US/docs/wireless/access_point/12.3_2_JA/configuration/guide/s32filt.html#wp1034897
  Hope this helps!
  Rob

• RV016: PPTP Server and "Block MAC address"

  So if the PPTP server is enabled, and "Block MAC address not on the list" is enabled under the DHCP settings, will the PPTP client get an IP address?
  Similarly, if the PPTP server is enabled and the range of IP addresses configured on the PPTP server screen is outside the IP range of the router due to a subnet mask (like 255.255.225.248 for example), will the IP still be assigned to the PPTP client?  If assigned, will that IP have any connectivity to the LAN?
  Thank you in advance for any answers!
  Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com      

  So here's how PPTP works with these two features:
  1.  The PPTP IP range is a different range than the DHCP range.  You get an error message if your PPTP IP range overlaps with the DHCP one.
  I didn't test the 'Block MAC' function because since the IP isn't coming from the DHCP pool, I highly doubt any MAC blocking will work.
  2.  Since your PPTP IP address range is outside of the DHCP range, this point is completely taken off the table.  However, if you choose an IP range that's outside of the subnet, you'll get an error message when saving.  I also learned that if you set the PPTP IP to just a single number and connect, the router will automatically reject any additional connections since no IPs are available.
  Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com

• How to connect to a network that has blocked Mac addresses?

  My school has blocked Mac addresses how do I get around this?

  lllaass already answered, and JakeStebbings provided as helpful a suggestion as possible.
  You might as well mark your own response as "answered" and move on:
  That's impossible.

• What good is it to have a router that doesn't block mac addresses like its supposed too!!!

  what good is it to have a router that doesn't block mac addresses like its supposed too!!!

  At 10:30pm I think I'd like to talk this out....Lemme give you some more details and lets get some hardware programmers involved. I think this is a cross-platform conflict or at the remote a outdated hardware problem. What do you need from me to track this issue down? I have been patient and have waited over 1yr or maybe 2, waiting for an update to correct this issue. Alas, there has been no solution to this problem. I have 13 seperate MAC addy's on the network. 1 wired and the the rest wireless(some constant, others random). All on a schedule(some timed access, some all the time). I have macBooks, Labtops, Desktops, Ipads, Ipods, DSIs, Windows7, WindowsXP Pro, PS3, AppleTV and a few random BlueTooths. Not that much.
  Anyways, I think somehow there is a hole because of cross-platfom compatability that is making my daughter able to get on the net unless I change the wireless password......
  No I have no proof...It's just a feeling

• ISP blocks my APBS due to various MAC addresses used by the router

  Hi all,
  My Internet provider limits access to Internet over Ethernet cable
  for fixed MAC address(s). That means, I have to inform ISP of the
  only MAC address I'll use to transfer data. In the case ISP detects
  traffic with other MAC addresses on my cable, he blocks any traffic
  at all (until cable unplugged and kind of 30secs are waited).
  My configuration is APBS GigaN with "shared public IP" and with
  MacBookPro connected over embedded WiFi AirPort N card.
  I reported EthernetID of my APBS to ISP, but stuck into the problem
  that all the time router is blocked. It successfully receives
  IP settings from DHCP of provider, and then passes nothing in/out.
  The provider said he can see the packets with different MAC addresses,
  as I understood these MACs are exactly AirportID and EthernetID of
  APBS. Why is it happening so, when "shared public IP" with DHCP
  and NAT are selected? Why MAC address of wireless card of APBS is
  visible to outside? What can I do with it, supposing that provider
  can't fix the case on his side?
  Regards,
  Strim

  kevj is right, Your linksys router has 3 MAC address and they all are assocciated with each other.

• Possible to import new mac address vendor code translation list in WCS 6?

  Is it possible to import new (IEEE) vendor code list to get correct information regarding clients MAC-addresses? There are too many client vendor codes reported as "Unknown" lately......
  Running 6.0.196.0.
  /jonas

  What is the mac address of the vendor OUI? Every new release of WCS contains the latest MAC vendor OUI so upgrading to WCS 7.0.164.3 should update the vendor's info.
  If its a new device, please post the mac address, device, and vendor.

• Need to disable "Block Anonymous Internet Requests" with "Clone MAC address?"

  Ok -- so I learned from tech support and this forum that the "Clone MAC address" option needs to be enabled when connecting to the Internet via a cable modem. In one of the forum posts (sorry lost track of which one), it said that in addition I need to disable "Block Anonymous Internet Requests" as well -- is this correct? If so what is the effect of this? Linksys documentation is not clear if this is absolutely necessary.
  I think the comment is in this thread
  http://forums.linksys.com/linksys/board/message?board.id=Wireless_Routers&message.id=8600

  Usually resetting you cable modem will allow you to use a router without cloning the MAC address.  Reset modem, power down, plug router into the modem, power up the modem, power up the router and you should be good to go.  The popular reason that I know of for unchecking "Block Anonymous Internet Requests" is when you plan to use P2P software like Azureus.  Your computer becomes pingable and can be seen on the net.

• MAC Address Vendor Codes for Apple?

  Does anyone know if there's a current list of MAC address vendor codes that have been assigned to Apple? I've found a few by searching but I'm not sure how recent they are.

  Go to this page and browse or search the OUI listing for Apple.
  (13628)

• How to block mac address in 2800 router

  sir
  how to block mac addresses in cisco 2800 router 

  Hi,
  To block mac addresses you can simply create Mac based ACLs which ranges between 
  700 to 799
  Example:
  access-list 700 deny xxxx.xxxx.xxxx.xxxx
  access-list 700 permit yyyy.yyyy.yyyy.yyyy
  now you can apply it on interface:
  int f0/0
  access-group 700 in 
  exit
  Regards,
  Rahul Chhabra
  Network Engineer
  Spooster IT Services