MAC filter on WRT54GS2 V1 - loses some MAC numbers :(

I have a WRT54GS2 V1 and I use only the MAC filter for wireless protection.
It has the annoying habit of losing some of the MAC numbers I have typed in.
I haven't been able to correlate these events with any other predictable events - the problem seems to happen at random times.
Is this a known problem? I have had many other earlier versions of the 54G series - use the MAC filter in the same way on them and never had this problem.
Any suggestions would be appreciated.
Thanks
Walt

Sorry. But you wrote you want to use the MAC filter for "wireless protection". The MAC filter is absolutely unsuitable for "wireless protection".
MAC addresses are always transferred unencrypted.
MAC addresses are easily modified and cloned.
You block my MAC address in the list? I change my MAC address and I am back in.
You only allow a few MAC addresses on the list? I pick up the allowed MAC addresses with a standard network sniffer and change my MAC address to a whitelisted one.
Trust me: the wireless MAC filter is absolutely useless for wireless security/protection.
And don't forget: if you only use the MAC filter without any wireless encryption it is trivial to sniff on all your network traffic. With WEP it takes about 5 minutes to crack the WEP keys and then you can capture and sniff all network traffic again.
Again: use WPA2 Personal with AES and a strong passphrase. That provides you with real wireless security.

Similar Messages

  • MAC filter for wireless security????

    I have hooked up my wireless router and had trouble with the security part.  I am now set up with the wireless security disabled but the MAC filter enabled and my wireless computers mac number entered and all is working.  will the MAC filter work as security for my wireless network.  thanks tdm

    MAC address filtering is considered a very low level of security.  It will keep honest people from accidentally logging into your network, but that is about it.  MAC addresses are transmitted wirelessly when you use your router.  Anyone can monitor your transmissions, so it is easy to learn a working MAC address.  They can then fake the MAC address and loggin to your network whenever you are not connected.
    Also, when your transmissions are not encrypted, anyone within range can monitor your wireless transmissions, even without logging into your network.  With a good antenna, your transmissions can probably be picked up for at least half a mile from your home.  So someone could monitor the web sites you visit, your email, etc., and in some cases, your passwords.
    You really should setup wireless security on your network.
    Here are my tips for setting up wireless security:
    To set up wireless security, you must use a computer that is wired to the router.
    Where to find the router settings: The router's login password is usually on one of the "Administration" pages. The other settings are all found in the "Wireless" section of the router's setup pages, located at 192.168.1.1
    First, give your router a unique SSID. Don't use "linksys".
    Make sure "SSID Broadcast" is set to "enabled".
    Next, leave the router at its default settings (except for the unique SSID), and then use your pc to connect wirelessly to the router. Test your wireless Internet connection and make sure it is working correctly. You must have a properly working wireless connection before setting up wireless security.
    To implement wireless security, you need to do one step at a time, then verify that you can still connect your wireless computer to the router.
    Next, encrypt your wireless system using the highest level of encryption that all of your wireless devices will support. Common encryption methods are:
    WEP - poor (see note below)
    WPA (sometimes called PSK, or WPA with TKIP) - good
    WPA2 (sometimes called PSK2, or WPA with AES) - best
    WPA and WPA2 sometimes come in versions of "personal" and "enterprise". Most home users should use "personal". Also, if you have a choice between AES and TKIP, and your wireless equipment is capable of both, choose AES. With any encryption method, you will need to supply a key (sometimes called a "password" ).
    The wireless devices (computers, printers, etc.) that you have will need to be set up with the SSID, encryption method, and key that matches what you entered in the router.
    Retest your system and verify that your wireless Internet connection is still working correctly.
    And don't forget to give your router a new login password.
    Picking Passwords (keys): You should never use a dictionary word as a password. If you use a dictionary word as a password, even WPA2 can be cracked in a few minutes. When you pick your login password and encryption key (or password or passphrase) you should use a random combination of capital letters, small letters, and numbers, but no spaces. A login password, should be 12 characters or more. WPA and WPA2 passwords should be at least 24 characters. Note: Your key, password, or passphrase must not have any spaces in it.
    Most home users should have their routers set so that "remote management" of the router is disabled. If you must have this option enabled, then your login password must be increased to a minumum of 24 random characters.
    One additional issue is that Windows XP requires a patch to run WPA2. Go to Microsoft Knowledge base, article ID=917021 and it will direct you to the patch.
    Sadly, the patch is not part of the automatic Windows XP updates, so lots of people are missing the patch.
    Note:
    WEP is no longer recommended. The FBI has demonstrated that WEP can be cracked in just a few minutes using software tools that are readily available over the Internet. Even a long random character password will not protect you with WEP. You should be using WPA or preferably WPA2 encryption.
    Message Edited by toomanydonuts on 01-16-2008 03:38 AM

  • WRT160N wireless MAC Filter settings reset on their own

    I recently purchased and setup a WRT160N router.  Having no real problems with router - it works fine with exception of the MAC filter settings.  I most often access the router config from an XP machine (used to initially setup the router) which is wired, as well as from a VISTA notebook that is wireless.  I am noticing that when I check the MAC filter settings, the previous setup is missing - meaning that all MAC addresses are gone, and the filtering option is removed.
    I have set this up numerous times, and VERIFIED that I click on save at the bottom of the page, verify I have enable checked, etc.  I am wondering if there is something I'm missing - the settings don't appear to "stay" - the filtering option simply disappears and returns to disabled.  I may answer my own question here (or point myself in the right direction), but is there a dependancy on some other setting that is causing my filter to "disappear" on me?

    Have you tried to reset your Router and Re-configure all the settings back on your Router? If not then Reset your Router and re-configure all the settings. If still doesn't work, then you need to upgrade the firmware of your Router. Download the latest firmware for your Router from the Linksys website, Go to http://www.linksysbycisco.com/US/en/support/wrt160n/downloads and select the proper version number of your Router and download and save the firmware on your computer.
    Login to the Routers GUI and click on the Administration tab and below click on the sub tab "Firmware Upgrade" and click on the browse button and select the firmware file and click on upgrade...Once the firmware upgrade is successful... Then you need to Press and hold the reset button for 30 seconds...Release the reset button...Unplug the power cable from your router, wait for 30 seconds and re-connect the power cable...Now re-configure your router...

  • CSCuh08009 - WPA2-PSK mac-filter assign interface wrong after client roaming back

    Hi All,
    Does anyone here experienced the same problem in WLC 5500 controllers?
    FW: 7.4.110
    WPA2-PSK with MAC-Filter, ACS has the database of allowed host MAC addresses
    Regards,
    Mikhail Veran

    Thanks Scott, The code version is 7.6.130.0 which supports Sleeping Client feature. However, as per the docu "http://www.cisco.com/c/en/us/td/docs/wireless/controller/7-6/configuration-guide/b_cg76/b_cg76_chapter_010111.html#reference_7008E6F7D7094BA7AD39491D7361622D"
    The authentication of sleeping clients feature is not supported with Layer 2 security and web authentication enabled.
    and as you mentioned as well
    ...Sleeping client like George mentioned is a better way than adjusting the idle timer but strictly for layer 3 only...
    Sleeping Client wasn't an option in my case. That is why I was hoping that Idle Timeout may do the trick here. This is an actual case where a client with an existing wireless network just wanted to enable sleeping client feature so that their guests don't need to re-auth if their device sleeps or they go out (break) and come back after some time. Layer-3 Web Auth alone should be enough I think. Keeping L2-PSK is probably their security team's decision, as they also use the same SSID for BYOD devices and don't want nearby people/buildings to see that there is an Open Wifi available and on joining would see the Web Auth portal and company disclaimer. 
    George, I agree with Dot1X method. It can be used for the BYOD devices (separate SSID) while we can keep the Guest WLAN as L3-WebAuth only on controller (or do CWA through ISE if available). 
    Thanks for all your help.
    Rick.

  • WLC Webauth on mac filter / Bypass

    Hi
    I am currently experimenting with the webauth 'On MAC Filter failure' feature.
    In most cases things work fine, meaning that: user arrives in SSID coverage, if his MAC is registered in our radius he is allowed through, if not heassociates to the AP and gets the usual splashscreen. But, in some weird cases things dont happen as expected: user arrives in SSID coverage, if his MAC is registered in our radius he is allowed through, if not he can not associated.
    I tryed to run some debugs but with little success as I dont know what I am looking for.
    As far as I can say, the problem appears with devices I used for testing (allow through MAC filter, then removed ...) and make me think of some kind of caching mechanism. (things like fastpath come into my mind).
    Did someone implement the feature successfully?
    Thanks,
    seb.

    Hi,
    Sure (debug client 00:24:d6:23:d0:58). Problem is visible around  12:26:47.612
    *pemReceiveTask: Sep 22 12:25:38.048: 2c:a8:35:cf:20:14 Sent an XID frame
    *apfMsConnTask_4: Sep 22 12:26:26.258: 00:24:d6:23:d0:58 Adding mobile on LWAPP AP 00:08:30:4a:d6:50(0)
    *apfMsConnTask_4: Sep 22 12:26:26.258: 00:24:d6:23:d0:58 Association received from mobile on AP 00:08:30:4a:d6:50
    *apfMsConnTask_4: Sep 22 12:26:26.258: 00:24:d6:23:d0:58 0.0.0.0 START (0) Changing ACL 'none' (ACL ID 0) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:1621)
    *apfMsConnTask_4: Sep 22 12:26:26.258: 00:24:d6:23:d0:58 Applying site-specific IPv6 override for station 00:24:d6:23:d0:58 - vapId 3, site 'UNAIDS-HQ', interface 'unaids-guests'
    *apfMsConnTask_4: Sep 22 12:26:26.258: 00:24:d6:23:d0:58 Applying IPv6 Interface Policy for station 00:24:d6:23:d0:58 - vlan 113, interface id 11, interface 'unaids-guests'
    *apfMsConnTask_4: Sep 22 12:26:26.258: 00:24:d6:23:d0:58 Applying site-specific override for station 00:24:d6:23:d0:58 - vapId 3, site 'UNAIDS-HQ', interface 'unaids-guests'
    *apfMsConnTask_4: Sep 22 12:26:26.258: 00:24:d6:23:d0:58 0.0.0.0 START (0) Changing ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:1621)
    *apfMsConnTask_4: Sep 22 12:26:26.258: 00:24:d6:23:d0:58 STA - rates (8): 130 132 139 150 12 18 24 36 0 0 0 0 0 0 0 0
    *apfMsConnTask_4: Sep 22 12:26:26.258: 00:24:d6:23:d0:58 STA - rates (12): 130 132 139 150 12 18 24 36 48 72 96 108 0 0 0 0
    *apfMsConnTask_4: Sep 22 12:26:26.258: 00:24:d6:23:d0:58 apfProcessAssocReq (apf_80211.c:5122) Changing state for mobile 00:24:d6:23:d0:58 on AP 00:08:30:4a:d6:50 from Idle to AAA Pending
    *aaaQueueReader: Sep 22 12:26:26.258: Unable to find requested user entry for 0024d623d058
    *aaaQueueReader: Sep 22 12:26:26.258: ReProcessAuthentication previous proto 8, next proto 40000001
    *apfMsConnTask_4: Sep 22 12:26:26.258: 00:24:d6:23:d0:58 Scheduling deletion of Mobile Station:  (callerId: 20) in 10 seconds
    *aaaQueueReader: Sep 22 12:26:26.258: AuthenticationRequest: 0x2aeb3be8
    *aaaQueueReader: Sep 22 12:26:26.258:   Callback.....................................0x100df840
    *aaaQueueReader: Sep 22 12:26:26.258:   protocolType.................................0x40000001
    *aaaQueueReader: Sep 22 12:26:26.258:   proxyState...................................00:24:D6:23:D0:58-00:00
    *aaaQueueReader: Sep 22 12:26:26.258:   Packet contains 14 AVPs (not shown)
    *aaaQueueReader: Sep 22 12:26:26.258: apfVapRadiusInfoGet: WLAN(3) dynamic int attributes srcAddr:0x0, gw:0x0, mask:0x0, vlan:0, dpPort:0, srcPort:0
    *aaaQueueReader: Sep 22 12:26:26.259: 00:24:d6:23:d0:58 Successful transmission of Authentication Packet (id 255) to 10.83.40.111:1812, proxy state 00:24:d6:23:d0:58-00:01
    *aaaQueueReader: Sep 22 12:26:26.259: 00000000: 01 ff 00 b0 00 00 00 00  00 00 00 00 00 00 00 00  ................
    *aaaQueueReader: Sep 22 12:26:26.259: 00000010: 00 00 00 00 01 0e 30 30  32 34 64 36 32 33 64 30  ......0024d623d0
    *aaaQueueReader: Sep 22 12:26:26.259: 00000020: 35 38 1e 21 30 30 2d 30  38 2d 33 30 2d 34 61 2d  58.!00-08-30-4a-
    *aaaQueueReader: Sep 22 12:26:26.259: 00000030: 64 36 2d 35 30 3a 55 4e  41 49 44 53 2d 54 45 53  d6-50:UNAIDS-TES
    *aaaQueueReader: Sep 22 12:26:26.259: 00000040: 54 2d 32 1f 13 30 30 2d  32 34 2d 64 36 2d 32 33  T-2..00-24-d6-23
    *aaaQueueReader: Sep 22 12:26:26.259: 00000050: 2d 64 30 2d 35 38 05 06  00 00 00 0d 04 06 0a 53  -d0-58.........S
    *aaaQueueReader: Sep 22 12:26:26.259: 00000060: 05 80 20 0d 47 45 2d 44  43 57 4c 43 2d 30 31 1a  ....GE-DCWLC-01.
    *aaaQueueReader: Sep 22 12:26:26.259: 00000070: 0c 00 00 37 63 01 06 00  00 00 03 02 12 0d e4 89  ...7c...........
    *aaaQueueReader: Sep 22 12:26:26.259: 00000080: d6 a8 35 ae 7e ee 86 d9  65 0e 78 f5 5d 06 06 00  ..5.~...e.x.]...
    *aaaQueueReader: Sep 22 12:26:26.259: 00000090: 00 00 0a 0c 06 00 00 05  14 3d 06 00 00 00 13 40  .........=.....@
    *aaaQueueReader: Sep 22 12:26:26.259: 000000a0: 06 00 00 00 0d 41 06 00  00 00 06 51 05 31 31 33  .....A.....Q.113
    *radiusTransportThread: Sep 22 12:26:27.262: 00000000: 03 ff 00 14 64 b5 1e e0  41 f9 08 3f 47 46 3c 2b  ....d...A..?GF<+
    *radiusTransportThread: Sep 22 12:26:27.262: 00000010: 33 38 28 a3                                       38(.
    *radiusTransportThread: Sep 22 12:26:27.262: ****Enter processIncomingMessages: response code=3
    *radiusTransportThread: Sep 22 12:26:27.262: ****Enter processRadiusResponse: response code=3
    *radiusTransportThread: Sep 22 12:26:27.262: 00:24:d6:23:d0:58 Access-Reject received from RADIUS server 10.83.40.111 for mobile 00:24:d6:23:d0:58 receiveId = 0
    *radiusTransportThread: Sep 22 12:26:27.262: 00:24:d6:23:d0:58 Returning AAA Error 'Authentication Failed' (-4) for mobile 00:24:d6:23:d0:58
    *radiusTransportThread: Sep 22 12:26:27.262: AuthorizationResponse: 0x3c4fd8b4
    *radiusTransportThread: Sep 22 12:26:27.262:    structureSize................................32
    *radiusTransportThread: Sep 22 12:26:27.262:    resultCode...................................-4
    *radiusTransportThread: Sep 22 12:26:27.262:    protocolUsed.................................0xffffffff
    *radiusTransportThread: Sep 22 12:26:27.262:    proxyState...................................00:24:D6:23:D0:58-00:00
    *radiusTransportThread: Sep 22 12:26:27.262:    Packet contains 0 AVPs:
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 Applying new AAA override for station 00:24:d6:23:d0:58
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 Override values for station 00:24:d6:23:d0:58
                                                                                                            source: 2, valid bits: 0x0
            qosLevel: -1, dscp: 0xffffffff, dot1pTag: 0xffffffff, sessionTimeout: -1
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 Override values (cont..) dataAvgC: -1, rTAvgC: -1, dataBurstC: -1, rTimeBurstC: -1
                                                                                                                                                    vlanIfName: '', aclName: ''
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 0.0.0.0 START (0) Changing ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:1621)
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 Applying site-specific override for station 00:24:d6:23:d0:58 - vapId 3, site 'UNAIDS-HQ', interface 'unaids-guests'
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 0.0.0.0 START (0) Changing ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:1621)
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 Inserting AAA Override struct for mobile
            MAC: 00:24:d6:23:d0:58, source 2
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 Inserting new RADIUS override into chain for station 00:24:d6:23:d0:58
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 Override values for station 00:24:d6:23:d0:58
                                                                                                            source: 2, valid bits: 0x0
            qosLevel: -1, dscp: 0xffffffff, dot1pTag: 0xffffffff, sessionTimeout: -1
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 Override values (cont..) dataAvgC: -1, rTAvgC: -1, dataBurstC: -1, rTimeBurstC: -1
                                                                                                                                                    vlanIfName: '', aclName: ''
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 0.0.0.0 START (0) Initializing policy
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 0.0.0.0 START (0) Change state to AUTHCHECK (2) last state AUTHCHECK (2)
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 0.0.0.0 AUTHCHECK (2) Change state to L2AUTHCOMPLETE (4) last state L2AUTHCOMPLETE (4)
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 0.0.0.0 L2AUTHCOMPLETE (4) DHCP Not required on AP 00:08:30:4a:d6:50 vapId 3 apVapId 3for this client
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 Not Using WMM Compliance code qosCap 00
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 0.0.0.0 L2AUTHCOMPLETE (4) Plumbed mobile LWAPP rule on AP 00:08:30:4a:d6:50 vapId 3 apVapId 3
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 0.0.0.0 L2AUTHCOMPLETE (4) Change state to DHCP_REQD (7) last state DHCP_REQD (7)
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 apfMsAssoStateInc
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 apfPemAddUser2 (apf_policy.c:223) Changing state for mobile 00:24:d6:23:d0:58 on AP 00:08:30:4a:d6:50 from AAA Pending to Associated
    *apfReceiveTask: Sep 22 12:26:27.263: 00:24:d6:23:d0:58 Scheduling deletion of Mobile Station:  (callerId: 49) in 1800 seconds
    *apfReceiveTask: Sep 22 12:26:27.264: 00:24:d6:23:d0:58 Sending Assoc Response to station on BSSID 00:08:30:4a:d6:50 (status 0) ApVapId 3 Slot 0
    *apfReceiveTask: Sep 22 12:26:27.264: 00:24:d6:23:d0:58 apfProcessRadiusAssocResp (apf_80211.c:2153) Changing state for mobile 00:24:d6:23:d0:58 on AP 00:08:30:4a:d6:50 from Associated to Associated
    *apfReceiveTask: Sep 22 12:26:29.211: 00:24:d6:23:d0:58 0.0.0.0 DHCP_REQD (7) State Update from Mobility-Incomplete to Mobility-Complete, mobility role=Local, client state=APF_MS_STATE_ASSOCIATED
    *apfReceiveTask: Sep 22 12:26:29.211: 00:24:d6:23:d0:58 0.0.0.0 DHCP_REQD (7) pemAdvanceState2 4431, Adding TMP rule
    *apfReceiveTask: Sep 22 09:31:33.211: 00:24:d6:23:d0:58 0.0.0.0 DHCP_REQD (7) Adding Fast Path rule
      type = Airespace AP - Learn IP address
      on AP 00:08:30:4a:d6:50, slot 0, interface = 13, QOS = 0
      ACL Id = 255, Jumbo F
    *apfReceiveTask: Sep 22 12:26:29.211: 00:24:d6:23:d0:58 0.0.0.0 DHCP_REQD (7) Fast Path rule (contd...) 802.1P = 0, DSCP = 0, TokenID = 7006  IPv6 Vlan = 113, IPv6 intf id = 11
    *apfReceiveTask: Sep 22 12:26:29.211: 00:24:d6:23:d0:58 0.0.0.0 DHCP_REQD (7) Successfully plumbed mobile rule (ACL ID 255)
    *pemReceiveTask: Sep 22 12:26:29.212: 00:24:d6:23:d0:58 0.0.0.0 Added NPU entry of type 9, dtlFlags 0x0
    *pemReceiveTask: Sep 22 12:26:29.212: 00:24:d6:23:d0:58 Sent an XID frame
    *spamApTask4: Sep 22 12:26:46.641: 00:24:d6:23:d0:58 Received Idle-Timeout from AP 00:08:30:4a:d6:50, slot 0 for STA 00:24:d6:23:d0:58
    *spamApTask4: Sep 22 12:26:46.641: 00:24:d6:23:d0:58 apfMsDeleteByMscb Scheduling mobile for deletion with deleteReason 4, reasonCode 4
    *spamApTask4: Sep 22 12:26:46.641: 00:24:d6:23:d0:58 Scheduling deletion of Mobile Station:  (callerId: 30) in 1 seconds
    *osapiBsnTimer: Sep 22 12:26:47.611: 00:24:d6:23:d0:58 apfMsExpireCallback (apf_ms.c:608) Expiring Mobile!
    *apfReceiveTask: Sep 22 12:26:47.611: 00:24:d6:23:d0:58 apfMsExpireMobileStation (apf_ms.c:5009) Changing state for mobile 00:24:d6:23:d0:58 on AP 00:08:30:4a:d6:50 from Associated to Disassociated
    *apfReceiveTask: Sep 22 12:26:47.611: 00:24:d6:23:d0:58 Sent Deauthenticate to mobile on BSSID 00:08:30:4a:d6:50 slot 0(caller apf_ms.c:5094)
    *apfReceiveTask: Sep 22 12:26:47.611: 00:24:d6:23:d0:58 Sending Accounting request (2) for station 00:24:d6:23:d0:58
    *apfReceiveTask: Sep 22 12:26:47.611: 00:24:d6:23:d0:58 apfMsAssoStateDec
    *apfReceiveTask: Sep 22 12:26:47.611: 00:24:d6:23:d0:58 apfMsExpireMobileStation (apf_ms.c:5132) Changing state for mobile 00:24:d6:23:d0:58 on AP 00:08:30:4a:d6:50 from Disassociated to Idle
    *apfReceiveTask: Sep 22 12:26:47.612: 00:24:d6:23:d0:58 0.0.0.0 DHCP_REQD (7) Deleted mobile LWAPP rule on AP [00:08:30:4a:d6:50]
    *apfReceiveTask: Sep 22 12:26:47.612: 00:24:d6:23:d0:58 Deleting mobile on AP 00:08:30:4a:d6:50(0)
    *pemReceiveTask: Sep 22 12:26:47.612: 00:24:d6:23:d0:58 0.0.0.0 Removed NPU entry.
    *aaaQueueReader: Sep 22 12:31:04.526: Unable to find requested user entry for 2ca835cf2014
    *aaaQueueReader: Sep 22 12:31:04.526: ReProcessAuthentication previous proto 8, next proto 40000001
    *aaaQueueReader: Sep 22 12:31:04.526: apfVapRadiusInfoGet: WLAN(3) dynamic int attributes srcAddr:0x0, gw:0x0, mask:0x0, vlan:0, dpPort:0, srcPort:0
    *radiusTransportThread: Sep 22 12:31:05.530: 00000000: 03 00 00 14 cd cd cd 40  48 d9 c9 26 10 81 e3 5b  .......@H..&...[
    *radiusTransportThread: Sep 22 12:31:05.530: 00000010: b0 35 95 73                                       .5.s
    *radiusTransportThread: Sep 22 12:31:05.530: ****Enter processIncomingMessages: response code=3
    *radiusTransportThread: Sep 22 12:31:05.530: ****Enter processRadiusResponse: response code=3
    Thanks,
    Seb.

  • Can't use MAC Filter and have Blinking Red Link Light on WRE54G

    I just added a WRE54G V3 extender to my WRT54G V8,  I have download the most recent firmware on both products.  My network in using WPA and after fixing all the typo associated with setting all that up I still could not establish wireless connectivity.  I am/was using MAC Filters on the WRT54G and had added and triple checked the WRE54Gs Mac address,, but until I disabled the Mac Filter I could not connect to the network.  I would like to get that issue resolved.  Secondly even with the MAC Filter disabled the Link Light blinks red at a regular interval.  It does appear that I have connectivity, but the light just blinks away.  If this is normal I could not find any reference is the written materal.  Thanks for any advice you might have.
    Message Edited by ecanon on 04-16-2008 01:31 PM

    Sorry to appear toltake so long to get back to this, but I did post a message in reply somewhere ????, but it doesnt appear here??? and then I got tied up on some personal stuff.
    Anyway, I followed all the advice I could find on this thread (thanks to everyone who has posted to any question on this thread) and after starting completely over reseting everything and basically configuring the RE with everything else turned off and then powering up everything starting with the router, I got everything up and running using WAP and all.
    The only issue left is when I enable MAC filtering on the router to allow only the MAC addresses in the list access to the network the RE goes belly up.  Disable Mac filtering and it comes right back up.  I have triple checked the Mac address I entered on the list.  The only reference to the RE's MAC address is on the sticker on the back.  I can't find that verified anywhere in the configuration screens on the RE.
    If I could get his working I could count my security as good as it gets and go on about my business.
    Thanks again to all for helping me get this far.

  • WRT54G2 V.1 - Mac Filter List gone - Security Hole ?

    Help,
    I was trying to block some unwanted users using Mac Filter but for unknown reason, after I succeed, my Mac Filter List gone empty. It happened several times. First I let it happened some times so I'm sure what really happened there.
    My config is let wireless users able to access the web server by Http. I use WPA2 Personal with TKIP-AES. I let my SSID broadcast, and I let any users who need access to the network know/use the secret key.
    I thought it shouldn't be mattered since I protect my Linksys Web Server use good password. But I was wrong. And when 'it' happened (just before MAC Address gone empty and blocked users then able to connected to my network), uknown device got connected to the network first.
    It happened several times as I said before, but the last one hit me surely that my config, Mac Filter list, anyhow, can get erased by something/someone if I keep this way. So I decided to change the config and not let the wireless users to have access to my linksys web server.
    I change from Http to Https. I disabled wireless users to having access to the web server. And to make me comfort I activate AP Isolation too. I use Access (internet) Restriction rather than Mac Filter because it is more comfortable to me as I can create policies.
    Anyone have same experience ? Expert explanation would be a great appreciate.
    Oh yes. I don't have any config change since I use my new configuration. That's what I can tell. Thanks.

    to a determined hacker, MAC address filtering is a trivial security block to overcome (as you seem to have found out). You would be better, as Gandalf said, to disable SSID broadcast, and provide the SSID and WPA passphrase to anyone that you want to allow to connect to your network.
    Tomato 1.25vpn3.4 (SgtPepperKSU MOD) on a Buffalo WHR-HP-G54
    D-Link DSM-320 (Wired)
    Wii (Wireless) - PS3 (Wired), PSP (Wireless) - XBox360 (Wired)
    SonyBDP-S360 (Wired)
    Linksys NSLU2 Firmware Unslung 6.10 Beta unslung to a 2Gb thumb, w/1 Maxtor OneTouch III 200Gb
    IOmega StorCenter ix2 1TB NAS
    Linksys WVC54G w/FW V2.12EU
    and assorted wired and wireless PCs and laptops

  • MAC Filter don't work on extended Network

    Hi guys,
    Here's my setup : I've got an Airport Extreme 802.11n that has always been working great /___sbsstatic___/migration-images/migration-img-not-avail.png
    I just bought an Airport Express for two reasons :
    1) I wanted to plug another computer with a network wire (no wireless capacity)
    2) I wanted to boost my wireless signal
    So in the Airport configuration : Airport > Wireless > Mode
    I choose "Extent a wireless network"
    (my system is in french so many translation is not perfect)
    Now it works great for both 1) and 2) : I can plug a computer with no wireless capacity on it with a network cable and it works fine.
    Plus : we can access it wirelessly
    HOWEVER my big problem is that : the MAC filter doesn't work anymore /___sbsstatic___/migration-images/migration-img-not-avail.png/___sbsstatic___/m igration-images/migration-img-not-avail.png/___sbsstatic___/migration-images/mig ration-img-not-avail.png/___sbsstatic___/migration-images/migration-img-not-avai l.png
    So anyone who would happen to know my WPA2 key could access it and that *****.
    Can anyone please tell me how I can fix this because now I see that anyone can connect to the Airport Express wirelessly even though they just can't connect to the Airport Extreme.
    BTW : Please no discussion over the fact that MAC adresses can be cloned, etc.... I know it I just want this to work
    Oh and what's that WDS network thing ?
    Thanks all /___sbsstatic___/migration-images/migration-img-not-avail.png

    I know !!
    I tried !!
    But I can't get WDS to work !!!!!!
    And I've done it BY THE BOOK !
    not so complicated actually : Airport extreme = Primary WDS mode + set Distant WDS MAC address in it, then Aiport Express = Distant WDS mode + set Primary WDS mode MAC Address
    and I've played around with some options the **** thing just won't work... I keep getting that stupid flashing orange thing forever and the diagnostic is : Problem with WDC settings

  • I have a photo cd from photographer that was burned on a mac but it will not open on my mac.  It goes in, makes some noise, then ejects.  My system pref. is set to open iPhoto when a photo cd is inserted.  She has sent me 2 disc and both do the same thing

    I have a photo cd from photographer that was burned on a mac but it will not open on my mac.  It goes in, makes some noise, then ejects.  My system pref. is set to open iPhoto when a photo cd is inserted.  She has sent me 2 disc and both do the same thing.  Any ideas?

    NOt an iPhoto issue - either a bad CD or a bad Superdrive on your computer - no way for us to tell  try the CD in a different computer
    LN

  • I just bought a new Mac and I want to transfer some data (not all) from my old Mac.  Basically, I want to move my itunes library, iphoto library, and a few documents.  I have not even turned on my new Mac yet.  Is the best way by an external hard drive?

    I just bought a new Mac and I want to transfer some data (not all) from my old Mac.  Basically, I want to move my itunes library, iphoto library, and a few documents.  I have not even turned on my new Mac yet.  Is the best way by an external hard drive?

    If both have Firewire ports then you can accomplish your goal by using Target Disk Mode. If this is not possible then you can do using an external drive or if you have a local network connect both to your network and use filesharing between the two computers.
    File Sharing on Macs
    Mac 101- File Sharing

  • How do i set up my kindle to receive audio books? Is there a MAC filter? it must be disabled and I dont know how to do this

    how do i set up my kindle to receive audio books? Is there a MAC filter? it must be disabled and I dont know how to do this

    By default, any type of MAC filtering is disabled on the AirPort base stations ... unless, of course, you or someone else enabled it.
    If it is enabled, to disable it, you would use the AirPort Utility.
    AirPort Utility > Select the AirPort > Manual Setup > AirPort > Access Control tab > MAC Address Access Control: Not Enabled

  • Problem with connetction to wrt54g2 via wireless connection with WPA/WPA2 & wireless MAC filter

    Hello,
    I'm Alexey from Novosibirsk, Russia.
    I have a problem with connection to wrt54g2 from my DELL D630 notebook via wireless connection. When I setup WPA/WPA2 in wireless security and wireless MAC filter I can't connect from notebook to WRT - in Windows I see that dynamic IP address from WRT is not assigned. When I switch off security mode to disable always OK, but I need a wireless security between DELL and WRT.
    Connection via cable Ethernet port is OK.
    Can You help me?

    Have you tried the different laptop...?
    Download 1.71 MB the firmware for WRT54G2 v1 and reflash the router's firmware.After reflashing/upgrading the router's firmware,reset the router for 30 seconds and reconfigure the router from scratch. 

  • To install Tiger, some Macs need internal DVD drive, or CD version of Tiger

    Disclaimer: Apple does not necessarily endorse any suggestions, solutions, or third-party software products that may be mentioned in the topic below. Apple encourages you to first seek a solution at Apple Support. The following links are provided as is, with no guarantee of the effectiveness or reliability of the information. Apple does not guarantee that these links will be maintained or functional at any given time. Use the information below at your own discretion.
    Some Macs while they have Firewire, don't support Target Disk Mode, nor Firewire booting. These Macs if they came with no DVD drive, and only a CD drive or CD-RW drive (as opposed to combo or superdrive), can only install Tiger (Mac OS X 10.4) if you:
    1. Install a compatible internal DVD drive from which supports http://www.patchburn.de/ or other firmware that supports Mac OS X booting.
    2. Find the original retail CD version of Mac OS X 10.4 that was available for a limited time called the Media Exchange Program CD.
    These Macs include the Blue and White G3 desktop (non-iMac), and the PCI PowerMac G4 described below:
    http://docs.info.apple.com/article.html?artnum=58418
    The iMac G3 with built-in Firewire, iBook G3 with built-in Firewire, and AGP PowerMac G4 with built-in Firewire at least support Firewire booting and Target Disk Mode which would allow them to use an external optical DVD drive that supports Mac OS X booting.
    If they didn't have an internal DVD drive.
    Port #4 in this image below is a Firewire port:
    Notes: Macs released on or after April 26, 2005 need to install Tiger from the discs that came with them, or a newer retail release except Intel Macs. Retail release of Tiger is a black disc with a white X logo and does not say Upgrade or Update.
    Intel Macs could only install Tiger from the discs that came with them.
    Macs released on or after October 26, 2007 can't install Tiger.
    Do you want to provide feedback on this User Contributed Tip or contribute your own? If you have achieved Level 2 status, visit the User Tips Library Contributions forum for more information.

    What happens if the firmware isn't updated?
    The display may stop working, even for OS 9. It is not easy to fix.
    I just installed 10.2 on one of them and it seems to be working. Should I uninstall it and upgrade the firmware and start over?
    Check the "Boot ROM version" with System profiler. If the firmware is updated it will be 4.1.9
    It is not necessary to remove OSX to install the updates if OS 9 is still on the hard drive. If not, and the OS 9 drivers are there, OS 9 can be installed without affecting OSX.
    The update won't install if it is not needed.

  • What is the recommended number of clients per Mac server? Also what are some recommended specs when purchasing an Apple machine that will have Mac OS X server installed?

    What is the recommended number of clients per Mac server? Also what are some recommended specs when purchasing an Apple machine that will have Mac OS X server installed? We have around 300 clients that need to be enroled on the Mac server. I want to know what is the recommended amount of clients a Mac server should contain. Also what are some recommended specs to make sure the server will flawlessly?

    Hello cpreasbeck,
    Thank you for contacting Apple Support Communities.
    I was able to find the following transition guide for Xserve that provides some workload guidance to determine performance when planning a server deployment.
    Transition Guide Xserve
    http://images.apple.com/xserve/pdf/L422277A_Xserve_Guide.pdf
    On page 9, Performance there is a chart that provides maximum numbers of connected users for various activities such as file sharing, mail, web, calendar, directory services and Time Machine and the CPU used as a server (Xserve, Mac Pro, Mac Mini). This information is a bit dated as the referenced software is Snow Leopard Server (OS X 10.6), and the hardware is older also, but it should give you a general idea of what you might need to look for.
    Regards,
    Jeff D.

  • Wireless MAC filter can not be active to connect to WIFI?

    I use a Linksys router with WEP security and a Wireless MAC filter. When I turned off WEP I was unable to connect to the router with my iphone 3g but when I enabled WEP and turned off the MAC filter I connected right away.
    Has anybody else seen this or has anyone successfully connected to a router with a MAC filter?
    Thanks

    I have no problems connecting to a router with MAC filtering enabled... I would just double check that you entered the correct MAC address into your router (Settings>General>About>Wi-Fi Address) and make sure the permissions are set correctly for that MAC address (if applicable)...

Maybe you are looking for

  • Printing file name on document.

    I want to print the name of the file when I print out a document. Instead of writing out the file name on each document, can't I just choose some preferance to do this for me?

  • Modifications on VA01

    Hi Experts, I've created my own screen in VA01 ( using screen 8459 in SAPMV45A ) with five additional fields. Theese fields are used for some calculations and the result is returned to the main screen item data in the field Qty. Where I should make c

  • Adobe photoshop elements vs aperture 1.5

    which among this would be a perfect alternative for the iPhoto? i need something that won't be too much of a RAM hog but with loads of photo editing capabilities. adobe cs3 is way over my budget. 1. adobe photoshop elements 2. aperture 1.5 3. lightro

  • AC_RunActiveContent.js HACKING

    my web site has been hacked few time trought the AC_RunActiveContent.js code you can see the google entry for my web site www.mrytz.com google their is a warning message. As soon as I remove the AC_RunActiveContent.js code everything is fine but I ca

  • I have just bought a Photosmart Plus B210a printer/scanner

    How do I print on both sides of the page with my B210a printer? I have tried it with limited success. I print the odd numbered pages, turn the the printed pages around and reinsert them into the feeder tray, then print the even numbered pages. This r