Can we define a list of mac-addresses for a ssid?
I believe the controller can do this, but can not figure out the details how to configure it.. ACL?
Do you have controller ..if yes then here is the way.
Issue the config wlan mac-filtering enable wlan_id command in order to enable MAC filtering
The config macfilter add command lets you add a macfilter, interface, description, and so forth.
To know more
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008084f13b.shtml
Hope it helps,
Reagrds
Dont forget to rate helpful posts
Similar Messages
-
Hi
I have a list of Mac addresses, I cannot add them one by one in ISE. Is there any way I can add the mac addresses in Bulk? Or Also, If you could tell me a way to do MAB with Radius Server?
MinakshiHi Saurabh,
The link says that Radius should be configured in the switch, does that mean we cannot have MAB configured and working without Radius
The switch must have a RADIUS configuration and be connected to the Cisco secure access control server (ACS) -
Allowing only a list of mac addresses to connect to the internet?
Hi,
I'm setting up a solution, where access to wireless internet is granted only to a list of mac addresses. It seems MAB security is what I am after. However, before mac address is allowed internet access, I want a user to go through an external and controller-independable registration page.
Consider this flow:
Clientconnects to WLAN, since it's mac address is not allowed, the user is redirected to an external website (http://registration.com, aspx website). Here I ask the user to register an account. Using ip address from the request, I send a CLI command to the WLC controller and learn client's mac address from arp table. Here I need to run another CLI command to add the mac address to the mac database, and inform the user they can access the web.
Few struggles that I'm having now:
1) How to setup web MAB authentication, that, upon failure, redirects the user to an external website?
2) How can I add (white-list?) a mac address to enable it access to the internet?It seems I should be able to do this, can anyone elaborate?
1) Layer-2 set to Mac filtering only
2) Upon success - user is granted access
3) Upon failure, falls back to Extrenal Web Auth, which redirects the user to my custom web page
4) Upon registering, I make a postback to the action_url
5) User is authenticated? Is there a way to reset authentication sequence at step 4? I don't really want to register the user. During step 4, I'm sending user's mac address back to WLC via SSH. Since mac address will be present on the WLC after step 4, I would like it to just grant access to the mac address, rather than register the user. -
WLC 2500 pierde lista de MAC Address luego que se va la energía eléctrica
Saludos, tengo un problema con un Cisco 2500 Wireless Controller, tengo activada el MAC Filtering y tiene una lista de MAC address, pero cada vez que se va la energía eléctrica se pierde la clave de acceso a la red wireless, la activación del MAC Filtering y la lista, lo que me olbiga a definir nuevamente la clave de acceso a la red wireless, marcar el cuadro de la opción MAC Filtering y a ingresar toda la lista de MAC address, alguna idea de como evitar que me suceda esto?.... el resto de la configuración permanece intacta, gracias por su ayuda.
Hola Walter.
Lo que trata de decir Scott es que ese comportamiento en el WLC no es normal,por lo cual te aconseja abrir un caso al TAC de cisco.
I'm a native spanish Speaker -
Can't use Find My Friends on iPhone due to Apple ID not being verified.
Can't do this as I can't access my .mac email any longer and I can not change the primary e-mail address for my Apple ID!
So my options are:
Create a new Apple ID, use that and lose all the apps I've purhcased with it (a fairly substantial amount)
Somehow Migrate these purchases over to a new Apple ID
Apple let me change the primary ID for the account
Anyone else ran into this before?
I've tried accessing the mail through a mail application using the correct server information, and trying both the old 6 character password and the one I had to change it too after they updated the security guidelines - neither work.
Help would be greatly appreciated as I can see more services down the line not working without the address being verified!To change the iCloud ID you have to go to Settings>iCloud, tap Delete Account, provide the password for the old ID when prompted to turn off Find My iDevice, then sign back in with the ID you wish to use. When you do this you may find that the password for your old ID isn't accepted. If this should happen, and if your old ID is an earlier version of your current ID, you need to temporarily recreate your old ID by going to https://appleid.apple.com, click Manage my Apple ID and sign in with your current iCloud ID. Click edit next to the primary email account, change it back to your old email address and save the change. Then edit the name of the account to change it back to your old email address. You should not need to verify the old email address. You can now use your current password to turn off Find My iDevice on your device, even though it prompts you for the password for your old account ID. Then save any photo stream photos that you wish to keep to your camera roll. When finished go to Settings>iCloud, tap Delete Account and choose Delete from My iDevice when prompted (your iCloud data will still be in iCloud). Next, go back to https://appleid.apple.com and change your primary email address and iCloud ID name back to the way it was. Now you can go to Settings>iCloud and sign in with your current iCloud ID and password.
-
Can I find serial number or mac address of ipad if I know only Apple ID on it?
Can I find serial number or mac address of ipad if I know only Apple ID on it? Ipad and macbook air were stolen and I do not remember their serial numbers.
No, the MAC address, the unique set of letters and numbers that identify the network interface in the device, will not help you, or anyone else, locate a stolen iPad. If you didn't set up Find My iPad on the device before it was stolen, then there will be no way to track it. The police typically will only want the serial number of the stolen items so they can identify them should they manage to find the thief.
If none of the methods suggested by the others - receipts, iTunes, registration with Apple, packaging - can provide you the serial number, then there's no way you can obtain that information
Regards. -
ARP table not populating mac address for previously reachable IP address
Router has been online and working fine with one BGP neighbor for almost 2 years and no downtime. 2 weeks ago, added a 2nd BGP peer. Everything worked fine for 2 weeks, then all of a sudden yesterday the 2nd BGP peer is disconnected and does not come back. ISP checks and sees everything looks fine on their end. We cannot even ping each other now.
Upon investigation, the ARP table is not even populating the MAC address for the BGP peer IP anymore (same local subnet). Stays "incomplete" in the table no matter what we do, including clearing arp table, changing IP address, etc.
Plug a laptop directly into the 2nd BGP peer FE port and replicate the IP addressing. Laptop cannot ping Router, but Router CAN ping laptop. Check ARP table, but STILL no mac address assigned and now not even the ARP table showing "incomplete".
Thinking it could be the FE interface, switch to the 2nd FE interface and perform same laptop test, this time with arbitrary IP addressing. Now cannot ping each other, no MAC in ARP table.
End up rebooting the router and lo-and-behold, everything is working normally again. 2nd BGP peer peers up instantly.
I should also mention that the 1st BGP peer worked flawlessly throughout, taking all the Internet load and having no issues throughout.
Also, the FE ports for the 2nd BGP peer are on an HWIC FE card plugged into the router. The 1st BGP peer is plugged into the built-in GE interface. 2901 running: c2900-universalk9-mz.SPA.151-4.M4.bin
Lastly, no router resource issues, no error messages, no logs. Just the BGP peer disconnecting.
I have never, in 20 years working with Cisco routers seen something like this before. This is the most fundamental aspect of IP and Ethernet that was not working.
Has anyone ever seen this behavior before??
Here is the router config (IP's changed):
version 15.1
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service internal
service sequence-numbers
boot-start-marker
boot-end-marker
logging buffered 150000
aaa new-model
aaa authentication login LAUTHEN local
aaa authentication login TAUTHEN local group tacacs+ enable
aaa authorization console
aaa authorization exec LAUTHOR local if-authenticated
aaa authorization exec TAUTHOR local group tacacs+ if-authenticated
aaa session-id common
clock timezone PST -8 0
clock summer-time PDT recurring
no ipv6 cef
no ip source-route
ip cef
no ip domain lookup
multilink bundle-name authenticated
username ubiadmin privilege 15 secret 4 .JbeuWXuZvchrG0OL.5BftFtqrrEyxcnVHn5rIuCnTk
username umitsnoc01 privilege 15 secret 4 cUmoRUjey9O1x.wk9S.kleX.iAAhCwihupr6Z98p6OA
redundancy
ip ssh version 2
track 1 interface GigabitEthernet0/0 line-protocol
class-map match-any AutoQoS-VoIP-RTP-Trust
match access-group name SIP-Media-INBOUND
class-map match-any AutoQoS-VoIP-Control-Trust
match ip dscp cs3
match ip dscp af31
class-map match-any Customer-Voice
match access-group name Customer-VPNs
class-map match-any media
match access-group name SIP-Media
class-map match-any signaling
match access-group name SIP-Signaling
policy-map AutoQoS-Policy-Trust
class AutoQoS-VoIP-RTP-Trust
priority percent 70
class AutoQoS-VoIP-Control-Trust
bandwidth percent 5
class class-default
fair-queue
policy-map queue
class signaling
bandwidth percent 5
class media
priority percent 50
class Customer-Voice
priority percent 40
class class-default
fair-queue
policy-map shape
class class-default
shape average 10000000
service-policy queue
interface Embedded-Service-Engine0/0
no ip address
shutdown
interface GigabitEthernet0/0
description BGP Peer 1
ip address 2.2.2.2 255.255.255.252
no ip redirects
ip flow ingress
ip flow egress
duplex auto
speed auto
service-policy output shape
interface GigabitEthernet0/1
description LAN
ip address 1.2.3.4 255.255.255.0
no ip redirects
ip flow ingress
ip flow egress
standby 255 ip 1.2.3.1
standby 255 priority 105
standby 255 preempt
standby 255 mac-address 1a2b.3c4d.5e6f
standby 255 track 1 decrement 10
duplex auto
speed auto
service-policy output AutoQoS-Policy-Trust
interface FastEthernet0/0/0
description BGP Peer 2
ip address 1.1.1.1 255.255.255.252
ip flow ingress
ip flow egress
duplex full
speed 100
service-policy output shape
interface FastEthernet0/0/1
no ip address
shutdown
duplex auto
speed auto
router bgp 7777
bgp router-id 2.2.2.2
bgp log-neighbor-changes
network 1.2.3.0 mask 255.255.255.0
neighbor 1.1.1.2 remote-as 5555
neighbor 1.1.1.2 update-source FastEthernet0/0/0
neighbor 1.1.1.2 prefix-list L3-DEFGW in
neighbor 1.1.1.2 route-map L3-LPREF-IN in
neighbor 2.2.2.1 remote-as 6666
neighbor 2.2.2.1 ebgp-multihop 2
neighbor 2.2.2.1 update-source GigabitEthernet0/0
neighbor 2.2.2.1 send-community
neighbor 2.2.2.1 prefix-list COLO-DEFGW in
neighbor 2.2.2.1 route-map COLO-LPREF-IN in
neighbor 2.2.2.1 route-map COLO-OUT out
ip forward-protocol nd
ip bgp-community new-format
ip as-path access-list 5 permit _5555_
ip as-path access-list 5 deny .*
ip as-path access-list 10 permit ^6666$
no ip http server
no ip http secure-server
ip flow-top-talkers
top 50
sort-by bytes
ip route 0.0.0.0 0.0.0.0 1.1.1.2 254 name L3
ip route 0.0.0.0 0.0.0.0 2.2.2.1 255 name COLO1
ip route 10.0.0.0 255.0.0.0 10.10.10.10 name FW_OUTSIDE
ip tacacs source-interface GigabitEthernet0/1
ip access-list standard SNMP_SOURCES
permit 12.12.12.0 0.0.0.255
deny any log
ip prefix-list L3-DEFGW seq 5 permit 0.0.0.0/0
ip prefix-list COLO-DEFGW seq 5 permit 0.0.0.0/0
ip prefix-list COLO-LPREF-OUT seq 5 permit 1.2.3.0/24
route-map COLO-LPREF-IN permit 5
match as-path 5
set local-preference 250
route-map COLO-LPREF-IN permit 10
set local-preference 150
route-map COLO-LPREF-IN permit 20
route-map COLO-OUT permit 10
match ip address prefix-list COLO-LPREF-OUT
set as-path prepend 7777 7777 7777
set community 29795:1004
route-map COLO-OUT permit 20
route-map L3-LPREF-IN permit 10
match as-path 10
set local-preference 200
route-map L3-LPREF-IN permit 20
set local-preference 150
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps vrrp
snmp-server enable traps flowmon
snmp-server enable traps transceiver all
snmp-server enable traps ds1
snmp-server enable traps call-home message-send-fail server-fail
snmp-server enable traps tty
snmp-server enable traps license
snmp-server enable traps envmon
snmp-server enable traps ethernet cfm cc mep-up mep-down cross-connect loop config
snmp-server enable traps ethernet cfm crosscheck mep-missing mep-unknown service-up
snmp-server enable traps flash insertion removal
snmp-server enable traps mac-notification
snmp-server enable traps aaa_server
snmp-server enable traps cef resource-failure peer-state-change peer-fib-state-change inconsistency
snmp-server enable traps memory bufferpeak
snmp-server enable traps config-copy
snmp-server enable traps config
snmp-server enable traps config-ctid
snmp-server enable traps event-manager
snmp-server enable traps hsrp
snmp-server enable traps cpu threshold
snmp-server enable traps rsvp
snmp-server enable traps syslog
snmp-server enable traps vtp
snmp-server enable traps ipslaWhen you were checking the ARP table was there an entry for Fast0/0/0?
HTH
Rick -
I need to change the MAC Address for Airport on MacBook
I have a specific need to change my son's Airport MAC address as his school requires the use of USB network cards that aren't compatible with MACs. These cards are needed because the school's router uses MAC address filtering.
Before we upgraded his Mac to Snow Leopard, we were able to change the MAC address to the MAC address of the useless dongal the school supplied. We basically created an AppleScript program that ran the "sudo ifconfig en1 ether xx:xx:xx:xx:xx:xx" and all was good.
This command no longer works for changing the MAC address. We tried it as root user as well and by typing it into the terminal window as root. After running the command, we can run "ifconfig en1" and it does display the new mac address but when we turn the airport on and try to connect, it just hangs and won't connect.
Our other non-Snow Leopard still works fine after running the commands so I'm guessing Apple disabled this functionality. It's hardly a security issue by being able to change your mac addres.
Is there a new way to accomplish this? I've searched everywhere.
Thanks!Would an easier solution be to provide the school's IT admin with your mac address and have it added? If they can add a block of mac addresses for the usb dongles, they can add more for machines that cannot use the dongle.
Also: "It's hardly a security issue by being able to change your mac address."
While it may not be a security issue for your machine, it is a security for the school network who is using mac address filtering as hopefully only one part of their wireless security.
That being said, have you read this?
http://osxdaily.com/2008/01/17/how-to-spoof-your-mac-address-in-mac-os-x/ -
I have created an Apple ID for my daughter with her own gmail address as the primary email address, but I want her Apple ID and primary email address to be an iCloud email address. How can I do this? I can't set up an icould email address for her without first creating an Apple ID right?
I'm not good with computers so please explain in simple way...:)
I also wonder what the best way is to set up accounts for children in a family. I dont want them to be able to purchase apps etc through the parents accounts, also some things we like to share as a family and others we don't want to share. Is there any good. clear, simple explanation from Apple Support about these issues? Or best to go to Apple store and go to genius bar or one to one advise?
thanksYou can set up an iCloud account which makes the iCloud email address you choose the Apple ID and thus the login for it:
https://discussions.apple.com/message/22283348#22283348
though I have to say I think it's more sensible if the ID is another address, both for security reasons (so people don't know what the login is) and as a contact address from Apple if the account were to stop working and they needed to contact you. So personally I would to to System Preferences, enter the GMail address which is an ID, and then choose a nerw @icloud.com address.
If she has her own iCloud account she will need either her own computer or her own user account on your Mac to be able to make use of it. You should note that under Apple's terms of use Apple IDs are only available to children of 13 and over.
As to purchasing apps, this is nothing to do with iCloud: it's iTunes, and the login can be different. So you can all sign into the same iTunes account but have different iCloud accounts. Or she can have her own iTunes account if she is of suitable age (credit card needed for purchasing apps).
If you have other children you should be aware that any one Mac or device can create only three iCloud accounts - this is tied to the serial number, not the user account, and once reached cannot be bypassed. You can of course sign into an iCloud account created on another device. -
How do I find the Mac address for my 8900?
I have a wireless network and can't connect to it at all. I have looked and typed in Blackberries search engine and came up with nothing, only answers are about a MAC computer, not what I am looking for.
I have to add the Mac address to the wireless network in order to get past the firewall and this is not working for me, any ideas.
Thank you,
Animal
Raising teenagers is like trying to nail
jell-O to a tree!Found it,
Overview
To find the Media Access Control (MAC) address of a Wi-Fi® enabled BlackBerry smartphone, complete the following steps:
Click Options.
Click Status.
The WLAN MAC field displays the MAC address for the BlackBerry smartphone.
Raising teenagers is like trying to nail
jell-O to a tree! -
How can I get a list of active savepoints for the current session?
Hi,
In Oracle Applications, we are getting the following error while performing ROLLBACK to a Savepoint.
"Unexpected Error: ORA-01086: savepoint 'PTNR_BULK_CALC_TAX_PVT' never establishe d ORA-06510: PL/SQL: unhandled user-defined exception"
So how can I get a list of active savepoints for the current session?
Could you please also let me know if there is any better way to debug this issue.
Appreciate any quick response as the issue is very critical.
Thanks,
Somauser776523 wrote:
Hi,
In Oracle Applications, we are getting the following error while performing ROLLBACK to a Savepoint.
"Unexpected Error: ORA-01086: savepoint 'PTNR_BULK_CALC_TAX_PVT' never establishe d ORA-06510: PL/SQL: unhandled user-defined exception"It sounds like there's an execution path in the code where the SAVEPOINT is never issued.
There is no way to get a list of active savepoints. Is this your code or a "canned" procedure? If it is your code you can go through the code looking for answers, possibly tracing execution using DBMS_OUTPUT.PUT_LINE or writing messages to a log table. If its a "canned" procedure you may need to open an SR with Oracle -
Can i use a 60 watts mac charger for an i.book G4
can i use a 60 watts mac charger for an i.book G4
I use a 65 watt for both a G4 iBook and a G4 Powerbook. The 60 watt would just be a little slower. I assume it is not an Apple charger as a 60 watt is not listed in the linked article.
http://support.apple.com/kb/HT1565
http://support.apple.com/kb/TS1725 -
Where can I get a list of available selection for certain dict type?
Where can I get a list of available selection for certain dict type in code? For instance, when I use SE16 to view VBFA table, I am presented with many filter criteria. One of them would be "VBTYP_N". When I click on the square next to the option, I am presented with a list of possible values to select from. Where can I get the list of this possible values for any given dict type in code?
Hi Frank,
The list of possible selection you see can be from diferent sources
1) Search helps defined either programatically or search helps defined at table level.
If it is a Z Selection screen check the program, then the data declaration of the parameter
2)Check tables provided at field level. They can be through use of foreign keys. The proposal generated could be simple compund ..
3) Fixed values at Domain level ()
Please refer to this link as well for detailed explanation
[http://help.sap.com/saphelp_470/helpdata/en/9f/dbaa5435c111d1829f0000e829fbfe/content.htm] -
IP-4-ZERO_ADDR: Zero MAC address for ip in ARP cache
Could someone hlep me with this log message: IP-4-ZERO_ADDR: Zero MAC address for <ip> in ARP cache
It just started appearing in our Cisco 10012 CMTS, and all of the documentation is very vague as to what it is and how to fix it. I'm hoping someone else has seen the message and can help clarify it's meaning. Thanks in advance!Your not the only one with these logs mess :
Jan 20 13:05:10: %IP-4-ZERO_ADDR: Zero MAC address for 10.100.xxx.69 in ARP cache
Jan 20 13:30:02: %IP-4-ZERO_ADDR: Zero MAC address for 10.100.xxx.69 in ARP cache
I thing the reason is that someone has a worm or something ping-flooding/scanning the network, check your arp table for incompletes.
What to do about it, disable icmp on the network maybe, for now we dont have a problem on the network but would be nice to fix this thing.
Martin
DK -
How do I find the MAC address for the time capsule?
I am trying to install 2T time capsule as my main router. Telus my internet supplier allows me to in install the MAC address for the static ip that I am going to use. But where is the MAC address on the cube or how do I get it?
On the bottom label it should list the MAC address.
If you happen to still run the original.. ie decent airport utility it has all that info right in front of you.
But you see that was before Apple reduced the airport utility to the status of a toy..
Pretty pictures no info.. think kid's book.
See very very pretty.. as a UTILITY though.. useless.
Maybe you are looking for
-
How to find out who made inserts/updates/deletes made to a SQL Table
I want to know WHO MAKES INSERTS/UPDATES/DELETES TO a particular SQL Table. Bascially I want to AUDIT ANY Edites made to a SQL 2008 TABLE. I need info such as WHO AMDE THE Updates i.e. the user first/lastname, When update was made, what row was updat
-
Nvidia Optimus on a Lenovo Y580
Greetings folk! I'm trying to get optimus workings on my Lenovo Y580 laptop. I had it working a few months ago, but I ended up having to format and reinstall reciently and now I can't seem to get it working with the latest version, I think I may be d
-
Authorization Based on Key Figure in an IP Layout
Hi, I have a situvation where there are 5 editable key figures in my IP layout, out of which 4 are open for all users and the other should be editable only for a few users. Can i have that kind of authorization in the same layout, where one key figur
-
Hi, I'm new to CS4, and kinetic Typography, so I was wondering if someone could point me in a direction to a tutorial relating to the creating technique used in the video below :- http://www.youtube.com/watch?v=mDUvPIIMeo0 at 0:22, where the texts ru
-
Do I need to uninstall older version of Photoshop first?
Nowhere in the FAQs or Install instrucitons, either the text or video install instructions, can I find any reference to the need or lack of the need, to uninstall an older version of Photoshop prior to downloading and installing the newer version. Sp