Cisco WLC username/mac address

Hi
Im are having problems with editing the User Field in the WCS. The purpose was to enable the ease to identify clients on the wireless network through their names rather than through MAC addresses which are currently the only method of authentication.
would appreciate it anyone could guide me in any form necessary in providing us to edit these details.

Just curious as to whether or not you figured out how to make this work. I would also like to get that set up.

Similar Messages

  • Cisco WLC Client MAC address backup to new Controller & ISE

    Hi All,
    We have an existing 4400 controller with MAC filtering for clients configured. Right Now, we are migrating to 5500 WLC and ISE setup.
    We want to use MAC filtering due to company policies on the new Controller as well as ISE.
    Is there a way (from GUI/CLI) that we can export the client MAC Addresses into an Excel file from existing WLC to new WLC & ISE?
    Thanks,
    CJ

    On the CLI issue a show macfilter summary and then import that into excel or a text editor.
    Sent from Cisco Technical Support iPhone App

  • WLC - block MAC Address

    Wireless system with 3 x WLC-4402, version 6.0.199.4, about 100 AP, about 300 clients.
    I need to block some clients that are bombarding me with frequent and repeated "Signature attack" (Auth flood).
    I tried to put the MAC Address in the black-list (Disabled Client), but it seams non work.
    Other suggestion ?
    Claudio

    If its an authentication issue, then you can enable client exclusion on the WLAN also.  3 failures will automatically put them in the exculsion list.  Not that I like pgrading, but the latest versions of 7.0.x are pretty good, but you need to make sure your AP's support that code.  6.x is pretty old.
    http://www.cisco.com/en/US/docs/wireless/controller/5500/tech_notes/Wireless_Software_Compatibility_Matrix.html
    Thanks,
    Scott
    Help out other by using the rating system and marking answered questions as "Answered"

  • Cisco WLC 5508 Mac Filtering

    Hi Group, how are you?.
    I know as Mac filtering feature works, but I need the opposite. I need to filter some mac-address to a particular SSID and permit all the other mac-address.
    Please, has anyone any ideas?.
    Thanks.
    Andrés.

    Hi Andres,
    I think stephan was talking about vlan based access control via RADIUS:
    check this document:
    http://www.cisco.com/en/US/products/hw/wireless/ps430/prod_technical_reference09186a00801444a1.html
    Regards
    Dont forget to rate helpful posts

  • Wlc 2100 mac -address issue

    Hi all,
      we are using wlc 2106-k9 controller,  with mac based authetication for cilents. After few days mac-address database  automatically deleted few mac-address. this is not first time it happen twice. we have entered totally 60 mac-address only . It has IOS AIR-WLC2100-K9-7-0-98-218.aes.
    Thanks in advance.

    I had the same problem yesterday and after many hours searching the web I ended up with this post that made me really desperate... But I didn't give up and while trying a new bios flash because of random crashes when in the bios, I noticed the obvious: you can change the MAC address when flashing 
    use the last version of the dos flasher with the parameters /nvmac:xxxxxxxxxxxx/wb after the name of the bios file; it's explained if you ask the help with the /help parameter. You can find the mac address on a stick on the parallel port.

  • Cisco ip to mac address of a device?

    What command can I run in CLI, to get a mac address that is associated with a provided ip address?
    Context: In order to access wifi, users have to go through a web authentication. Upon submiting their credentials, we are able to see their ip address. We want to query router api with cli or something, to find a mac address based on the ip.
    Any pointers?

    It is usually not possible for a person to get the MAC address of a computer from its IP address alone. These two addresses originate from different sources. Simply stated, a computer's own hardware configuration determines its MAC address while the configuration of the network it is connected to determines its IP address.
    However, computers connected to the same TCP/IP local network can determine each other's MAC addresses. The technology called ARP - Address Resolution Protocol included with TCP/IP makes it possible. Using ARP, each computer maintains a list of both IP and MAC addresses for each device it has recently communicated with.
    Most computers allow you to see the list of IP and MAC addresses that ARP has collected there. In Windows, Linux and other operating systems, the command line utility "arp" shows this information. Using "arp," you can in fact determine the MAC address of some computers from their IP address. ARP works only within the small group of computers on a local area network (LAN), though, not across the Internet. ARP is intended for use by system administrators and is not generally useful as a way to track down computers and people on the Internet.

  • Notes syncing problem with @me address vs @mac address

    Notes stopped syncing (on my mavericks macbook). I turned it off and on again in prefs. When it restarted it used my username@me address instead of my username@mac address. It was previously using my @mac address, which is my Mac ID. I cannot figure out how to get the @me out of there.

    I also have this problem.  A couple of days ago, the Notes App on my Macbook Pro (OSX Mavericks) stopped syncing to my icloud. My iphone and ipad don't have this problem.  I have done all the suggested actions (ie. unticking "notes" then ticking again; signing out of my icloud account then signing back in, etc), it then removed my icloud address on the Notes App and replaced it with [email protected]; but still no syncing.  It just keeps showing "UPDATING" on the status bar.  I can look at my icloud notes on the browser or my iphone but its just inconvenient.
    Any other suggestions?

  • WLC+LAP+ACS4.0 achieving 802.1x PEAP and MAC address authentication ?

    How to configure WLC + LAP + ACS4.0, achieving username and password authentication and MAC address at the same time

    This might help with the PEAP:
    http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_example09186a00807917aa.shtml
    MAC Authentication
    Add a MAC Address to ACS
    Complete these steps:
    1. From the ACS main menu, click on the User Setup button.
    2. In the User text box, enter the MAC address to add to the user database.
    Note: The MAC address must be exactly as it is sent by the AP for both the username and the password. If authentication fails, check the failed attempts log to see how the MAC is being reported by the AP. Do not cut and paste the MAC address, as this can introduce phantom characters.
    3. On the User Setup screen, enter the MAC address in the Secure-PAP password text box.
    Note: The MAC address must be exactly as it is sent by the AP for both the username and the password. If authentication fails, check the failed attempts log to see how the MAC is being reported by the AP. Do not cut and paste the MAC address, as this can introduce phantom characters.
    4. Check the Separate (CHAP/MS-CHAP) box.
    5. Enter a password for CHAP/MS-CHAP (this password should be different from the MAC address).
    6. Click Submit.

  • ISE and WLC 5508 IP and MAc address

    Hi!
    Is it possible that we recibe IP address and Mac address Client at the same time in ISE ?
    The wlc permits choose radius Call station ip type MAC or IP, but not both.
    Thanks you,

    If you are using dot1x then no, the mac address is sent since the client does not receive an ip address till authetication succeeds.
    Sent from Cisco Technical Support Android App

  • AP 2700 - 2 MAC addresses - problem with joining to the WLC

    Hi,
    I had a problem with joining my new AP 2700 to the controller. I've found workaround but I would like to ask you if you know if this behavior is a some kind of bug or maybe feature :)
    I have DHCP server which assigns IP address base on the binding MAC address with the IP address. Without binding, IP won't be assigned so I added MAC address from the AP sticker (MAC and SN number is on the sticker at the back of each AP) to the DHCP, connected AP to the switch port which was configured exactly the same way like other ports on this switch where older AP are working fine and.... nothing. IP address was not assigned. There was no DHCP request in the DHCP server logs.
    During the investigation I've found that AP present 2 MAC addresses on the switch interface:
    switch#sh mac address-table interface fa1/1
    Mac Address Table
    Vlan Mac Address Type Ports
    11 58f3.54c1.2cb3 DYNAMIC Fa1/1
    11 58f3.54c1.2cb4 DYNAMIC Fa1/1
    The first one (58f3.54c1.2cb3) is a "sticker" MAC address but the second one (58f3.54c1.2cb4) is something new. Looking in to the DHCP logs I've found log that this second MAC address (58f3.54c1.2cb4) tried to get IP address but it was not possible because this MAC was not binding with any IP address so DHCP server refuse. I added this second MAC (58f3.54c1.2cb4) to the DHCP server, AP get IP address, join to the WLC, download software, reboot and ... this MAC address disappear.
    switch#sh mac address-table interface fa1/1
    Mac Address Table
    Vlan Mac Address Type Ports
    11 58f3.54c1.2cb3 DYNAMIC Fa1/1
    Software I had on the AP before joining to the WLC was:
    Version :
    Cisco IOS Software, C2700 Software (AP3G2-RCVK9W8-M), Version 15.2(4)JB5, RELEASE SOFTWARE (fc1)
    now I have (after downloaded from the WLC)
    Version :
    Cisco IOS Software, C2700 Software (AP3G2-K9W8-M), Version 15.2(4)JB6, RELEASE SOFTWARE (fc1)
    Do anyone know what happen?

    (WLC1) >show sysinfo
    Manufacturer's Name.............................. Cisco Systems Inc.
    Product Name..................................... Cisco Controller
    Product Version.................................. 7.6.130.0
    Bootloader Version............................... 1.0.20
    Field Recovery Image Version..................... 7.6.95.16
    Firmware Version................................. FPGA 1.7, Env 1.8, USB console 2.2
    Build Type....................................... DATA + WPS
    System Name...................................... WLC1
    System Location..................................
    System Contact...................................
    System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
    Redundancy Mode.................................. Disabled
    IP Address....................................... 10.10.10.10
    Last Reset....................................... Software reset
    System Up Time................................... 25 days 2 hrs 53 mins 5 secs
    System Timezone Location.........................
    System Stats Realtime Interval................... 5
    System Stats Normal Interval..................... 180
    Configured Country............................... US - United States
    Operating Environment............................ Commercial (0 to 40 C)
    Internal Temp Alarm Limits....................... 0 to 65 C
    Internal Temperature............................. +44 C
    External Temperature............................. +22 C
    Fan Status....................................... OK
    State of 802.11b Network......................... Enabled
    State of 802.11a Network......................... Disabled
    Number of WLANs.................................. 6
    Number of Active Clients......................... 25
    Burned-in MAC Address............................ XX:XX:XX:XX:XX:XX
    Power Supply 1................................... Present, OK
    Power Supply 2................................... Present, OK
    Maximum number of APs supported.................. 25
    (WLC1) >show time
    Time............................................. Thu Apr 9 13:51:00 2015
    Timezone delta................................... 0:0
    Timezone location................................
    NTP Servers
    NTP Polling Interval......................... 3600
    Index NTP Key Index NTP Server NTP Msg Auth Status
    1 0 10.10.10.11 AUTH DISABLED
    It's look like AP doesn't allow for console login or commands it just only show activity. After rebooting the WLC I get information:
    Cisco IOS Software, C2700 Software (AP3G2-RCVK9W8-M), Version 15.2(4)JB5, RELEASE SOFTWARE (fc1)

  • Cisco Aiornet 1042 with MAC address

    Hi,
    I have a Cisco Aiornet, model  AIR-AP1042N-E-K9.
    I need to configure the AP to only certain MAC access. 
    I'm doing the configuration through the console. 
    The wireless network is not showing up in devices, anyone know why?
    version 15.2
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    service password-encryption
    hostname ap_disi
    logging rate-limit console 9
    enable secret 5 xxxxx.
    aaa new-model
    aaa group server radius rad_eap
    aaa group server radius rad_mac
    aaa group server radius rad_acct
    aaa group server radius rad_admin
    aaa group server tacacs+ tac_admin
    aaa group server radius rad_pmip
    aaa group server radius dummy
    aaa authentication login default local
    aaa authentication login eap_methods group rad_eap
    aaa authentication login mac_methods local
    aaa authorization exec default local 
    aaa accounting network acct_methods start-stop group rad_acct
    aaa session-id common
    no ip routing
    no ip cef
    dot11 syslog
    dot11 ssid DISI-WLAN24
       authentication open 
    dot11 ssid DISIWIFI
       authentication open mac-address mac_methods 
       authentication key-management wpa version 2
       infrastructure-ssid
    dot11 guest
    username Cisco password 7 xxxx
    username Admin privilege 15 password 7 xxxx
    bridge irb
    interface Dot11Radio0
     no ip address
     no ip route-cache
     encryption mode ciphers aes-ccm 
     ssid DISI-WLAN24
     ssid DISIWIFI
     antenna gain 0
     speed  basic-1.0 2.0 5.5 11.0 6.0 9.0 12.0 18.0 24.0 36.0 48.0 54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15.
     station-role root
     l2-filter bridge-group-acl
     bridge-group 1
     bridge-group 1 subscriber-loop-control
     bridge-group 1 spanning-disabled
     bridge-group 1 block-unknown-source
     no bridge-group 1 source-learning
     no bridge-group 1 unicast-flooding
    interface Dot11Radio1
     description AP SITAS
     no ip address
     no ip route-cache
     encryption mode ciphers aes-ccm 
     ssid DISIWIFI
     antenna gain 0
     peakdetect
     no dfs band block
     speed  basic-6.0 9.0 12.0 18.0 24.0 36.0 48.0 54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15.
     channel dfs
     station-role root
     bridge-group 1
     bridge-group 1 subscriber-loop-control
     bridge-group 1 spanning-disabled
     bridge-group 1 block-unknown-source
     no bridge-group 1 source-learning
     no bridge-group 1 unicast-flooding
    interface GigabitEthernet0
     no ip address
     no ip route-cache
     duplex auto
     speed auto
     l2-filter bridge-group-acl
     no keepalive
     bridge-group 1
     bridge-group 1 spanning-disabled
     no bridge-group 1 source-learning
    interface BVI1
     ip address 192.168.0.252 255.255.254.0
     no ip route-cache
     ipv6 address dhcp
     ipv6 address autoconfig
     ipv6 enable
    ip default-gateway 192.168.1.254
    ip forward-protocol nd
    ip http server
    ip http authentication aaa
    no ip http secure-server
    ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
    ip radius source-interface BVI1 
    access-list 700 permit 8830.8a24.7eb5   0000.0000.0000
    access-list 700 deny   0000.0000.0000   ffff.ffff.ffff
    snmp-server view dot11view ieee802dot11 included
    snmp-server community public view dot11view RO
    snmp-server location DISI
    snmp-server contact SITAS
    snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
    snmp-server enable traps tty
    snmp-server enable traps entity
    snmp-server enable traps disassociate
    snmp-server enable traps deauthenticate
    snmp-server enable traps authenticate-fail
    snmp-server enable traps dot11-qos
    snmp-server enable traps switch-over
    snmp-server enable traps rogue-ap
    snmp-server enable traps wlan-wep
    snmp-server enable traps config-copy
    snmp-server enable traps config
    snmp-server enable traps syslog
    snmp-server enable traps cpu threshold
    snmp-server enable traps aaa_server
    snmp-server host 192.168.1.6 public 
    radius-server attribute 32 include-in-access-req format %h
    radius-server vsa send accounting
    bridge 1 route ip
    line con 0
    line vty 0 4
     transport input all
    sntp server 192.168.1.215
    sntp broadcast client
    end

    Please refer: http://www.cisco.com/c/en/us/td/docs/wireless/access_point/12-4-25d-JA/Configuration/guide/cg_12_4_25d_JA/scg12-4-25d-JA-chap16-filters.html#wp1034897

  • Wlc 5508 invalid ipad mac address

    Hello,
    Help me pls,
    While configuring mac address filter on a WLC 5508 there is problem with mac address beginning with 77:....
    I cant add it to WLC mac filter.
    Thanks in advance

    If you are using dot1x then no, the mac address is sent since the client does not receive an ip address till authetication succeeds.
    Sent from Cisco Technical Support Android App

  • Cisco Aironet 1240 AG Access Point - configure Mac Address using Telnet

    Hi there,
    I’ve got a problem hopefully someone can help me with. I have the above mentioned AP and it is configured, working well and providing wireless access to several laptops on our domain.
    The thing is I can’t get access to the web-based interface to add new laptops Mac addresses to the AP as I currently have them secured with local list Mac address authentication but my user name and password when entered in the web browser login dialog box won’t allow me in although strangely it does allow me to login using the same credentials when I telnet into the AP.
    Does anyone know why I can’t get logged in using the web interface even though the user name and password does appear to be correct as I can telnet in? Also if you have any suggestions how I could sort this without having to perform the password recovery procedure, as I don’t want all the config on the AP wiped and want to avoid having the set the whole thing up again.
    As I workaround if anyone knows what the commands are to allow me to add the Mac addresses of the new laptops so they are added to the local list Mac address authentication list so the new laptops are secured that would be great.
    Thanks in anticipation,
    Tony

    Your AP is probably configured to use the enable secret as the password. Try entering nothing for the username, and enter your enable secret for the password ('Cisco' by default).
    If that doesn't work, post your running-config and we'll be able to see why it's doing that. It's a standard configuration, and no worries because wiping the AP won't be necessary since you can successfully Telnet in.
    Jeff

  • WLC 2500 pierde lista de MAC Address luego que se va la energía eléctrica

    Saludos, tengo un problema con un Cisco 2500 Wireless Controller, tengo activada el MAC Filtering y tiene una lista de MAC address, pero cada vez que se va la energía eléctrica se pierde la clave de acceso a la red wireless, la activación del MAC Filtering y la lista, lo que me olbiga a definir nuevamente la clave de acceso a la red wireless, marcar el cuadro de la opción MAC Filtering y a ingresar toda la lista de MAC address, alguna idea de como evitar que me suceda esto?.... el resto de la configuración permanece intacta, gracias por su ayuda.

    Hola Walter.
    Lo que trata de decir Scott es que ese comportamiento en el WLC no es normal,por lo cual te aconseja abrir un caso al TAC de cisco.
    I'm a native spanish Speaker

  • [Ask] How to restriction number of mac address per client on WLC !!!!!!

    Dear all,
    First, thank for read my topic, now i have a small trouble with WLC.
    My company have 12 APs & Cisco 5508 WLC, all things work well.
    We already setup a WLAN for user can connect to internet (using local net users account), but they using their mobile phones, notebook to share internet connection with others peoples, we don't want that, we want only that user can use internet, and their mobile phone, notebook can't become a portable wifi hotspot (we see them on Rogue APs)
    I known that we can use MAC address filter, but we must use local net users for some reason,
    Do you have any idea, any solution for this case ?
    Thank you.

    The solution cannot be fixed with Wireless.
    This solution can only be fixed using AD.
    I remembered in a place where I used to work that they can control the aspect of how your computer behaves using AD to the extent you cannot use the USB ports.  You'll need special permission and fill out a 12-page document to get this lifted.
    With AD, you can prevent a laptop for using both Wireless and wired simultaneously.
    You also have to consider using a proxy server so you'll be able to track down users.

Maybe you are looking for