WEP with MAC address
Hi,
I have successfully configured the multiple SSID in the Access-point. But I am not able to achieve my objective. I want to allow only one user laptop to connect with this SSID. Currently I have applied the max session configuration but I want to bind the MAC address with this SSID. So that on the base of MAC address users can connect with SSID EMGAS which is configured for WEP.
dot11 ssid EMGAS
vlan 24
max-associations 2
authentication open
guest-mode
interface Dot11Radio0
no ip address
no ip route-cache
encryption mode ciphers tkip
encryption vlan 1 mode ciphers tkip
encryption vlan 25 mode ciphers tkip
encryption vlan 24 key 1 size 40bit 7 88953EF67928 transmit-key
encryption vlan 24 mode wep mandatory
ssid EMGAS
ssid GUEST
ssid WAP
dot11 ssid EMGAS
vlan 24
max-associations 2
authentication open
guest-mode
interface Dot11Radio0
no ip address
no ip route-cache
encryption mode ciphers tkip
encryption vlan 1 mode ciphers tkip
encryption vlan 25 mode ciphers tkip
encryption vlan 24 key 1 size 40bit 7 88953EF67928 transmit-key
encryption vlan 24 mode wep mandatory
ssid EMGAS
ssid GUEST
ssid WAP
Kindly assist me how to achive the MAC base restriction in the SSID (EMGAS).
You can do an ACL and block it from the AP. (See below)..
But to do it by SSID I think you will need a radius server ...
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008058ed26.shtml
Similar Messages
-
802.1x authentication with mac address
Hi guys,
there is a strange requirement from one of our customer,
they want us to do 802.1x with mac address authentication and they dont want the pop-ups which ask
for username, password and domain.
is it possible??
can i avoid popping up the username password with 802.1x and that too with mac address???
Any help would be greatly appreciated
Thanks
JvalinHi,
The feature which you are looking for is possible in case of wired 802.1x. This feature is called as the MAC-Auth Bypass and is done mostly if the client machine is not 802.1x capable. However nowerdays it is used even if the machine is 802.1x capable.In this we enter the MAC address of the machine in the user database e.g. Active Directory. When you connect the client machine to the Switch, if we have MAC-Auth Bypass enabled on the port, it would take the MAC address of the machine as the username without any prompt for username and password.
A windows server admin can easily push a group policy which disables the 802.1x on the client machine and it would only respond to the MAC-Auth Bypass.But first you would have to make sure your switch has the Mac-Auth Bypass in the IOS.
For more information, you can go to http://www.cisco.com/univercd/cc/td/doc/solution/macauthb.pdf
Regards,
Kush -
Palm Vx won't sync with Mac Address
I am trying to sync my Palm Vx with mac address book. Changes or entries made in the address book show up on the Palm but changes or entries made on the Palm don't show up in the address book. Everything else syncs just fine.
The conduit settings read as follows:
Voice Memo: Synchronize
Note Pad: Synchronize
Memo Pad: Synchronize
Media: Synchronize
iSync Conduit: See Conduit Settings (Enable iSync for this Palm device is checked)
Install: Install Files
Backup: Backup
I'm not sure what I need to do. Any suggestions.
Additional info:
iSync Version 2.3 (500.86)
Palm Vx
Mac OS X (10.4.8)
Address book version 4.0.4
HotSync Manager V 3.2I hope its OK to join my problem to this Post...
I have a very similar problem, where all my contacts were delete from my computer Address Book and transfered (not sync) to the iPhone.
Is there a fix...
Thanks -
Controller detected its ip address by machine with MAC Address
Hi
I am getting error "Controller detected its ip address x.x.x.x using my machine with MAC address xx:xx:xx:xx:xx:xx"when i upgrade my Cisco Wireless Controller 5508 from 7.0.116.0 to 7.4.110.0. Any suggestion
RegardsHi Mohammed,
If you have more then one controller ??
Could be:
1.Error suggest that it hase detected a duplicate address(its managemnet IP address fo WLC) is in used by a client with the mac address xx:xx:xx:xx:xx:xx.
Please chekc the management interface IP on each controller.
2. Looks like u enabled LAG on controller ?
Means you have connected more then one port from your controller to different switches.
regards -
Domain authentication with mac address restrictions
I am in a branch office and I have one WLC 5508 and one ACS 4.2 with three WLANs:
WLAN1 with SSID1: for company computers and laptops
WLAN2 with SSID2: for ipads and tablets
WLAN3 with SSID3: for guests
I am asked to configure WLAN2 as “WLAN2: Provides the Wi-Fi connectivity to ipads and tablets, with back end security using domain authentication with mac address restrictions.You would need to create a seperate policy and be able to have a seperation between the two policies... It's kind of hard to explain, but you would have for example:
Policy 1:
Wireless user on this SSID WLAN1
AD on this AD Group (Machine)
Policy 2:
Wireless user on this SSID WLAN 2
AD on this AD Group (USer)
Thanks,
Scott
*****Help out other by using the rating system and marking answered questions as "Answered"***** -
Is weblogic 8.1 sp4 maps with 'Mac' address while installing.
I have issue with weblogic which is running currently, I have decided to copy the dump to different system and run. Will this work, does the new system require same IP address and 'Mac' address(Physical address) as old system. Is weblogic 8.1 installation maps with 'mac' address? please awnser.
Hi,
The license.bea file includes the ip addresses that are are authorized. This is not MAC sensitive. If you are not transitioning your IP address to the new system, you will need a new license.bea file. Either use elicense.bea.com or open a support case for this.
Regards,
-Adrian -
Cisco Aiornet 1042 with MAC address
Hi,
I have a Cisco Aiornet, model AIR-AP1042N-E-K9.
I need to configure the AP to only certain MAC access.
I'm doing the configuration through the console.
The wireless network is not showing up in devices, anyone know why?
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname ap_disi
logging rate-limit console 9
enable secret 5 xxxxx.
aaa new-model
aaa group server radius rad_eap
aaa group server radius rad_mac
aaa group server radius rad_acct
aaa group server radius rad_admin
aaa group server tacacs+ tac_admin
aaa group server radius rad_pmip
aaa group server radius dummy
aaa authentication login default local
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authorization exec default local
aaa accounting network acct_methods start-stop group rad_acct
aaa session-id common
no ip routing
no ip cef
dot11 syslog
dot11 ssid DISI-WLAN24
authentication open
dot11 ssid DISIWIFI
authentication open mac-address mac_methods
authentication key-management wpa version 2
infrastructure-ssid
dot11 guest
username Cisco password 7 xxxx
username Admin privilege 15 password 7 xxxx
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption mode ciphers aes-ccm
ssid DISI-WLAN24
ssid DISIWIFI
antenna gain 0
speed basic-1.0 2.0 5.5 11.0 6.0 9.0 12.0 18.0 24.0 36.0 48.0 54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15.
station-role root
l2-filter bridge-group-acl
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface Dot11Radio1
description AP SITAS
no ip address
no ip route-cache
encryption mode ciphers aes-ccm
ssid DISIWIFI
antenna gain 0
peakdetect
no dfs band block
speed basic-6.0 9.0 12.0 18.0 24.0 36.0 48.0 54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15.
channel dfs
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
l2-filter bridge-group-acl
no keepalive
bridge-group 1
bridge-group 1 spanning-disabled
no bridge-group 1 source-learning
interface BVI1
ip address 192.168.0.252 255.255.254.0
no ip route-cache
ipv6 address dhcp
ipv6 address autoconfig
ipv6 enable
ip default-gateway 192.168.1.254
ip forward-protocol nd
ip http server
ip http authentication aaa
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip radius source-interface BVI1
access-list 700 permit 8830.8a24.7eb5 0000.0000.0000
access-list 700 deny 0000.0000.0000 ffff.ffff.ffff
snmp-server view dot11view ieee802dot11 included
snmp-server community public view dot11view RO
snmp-server location DISI
snmp-server contact SITAS
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps tty
snmp-server enable traps entity
snmp-server enable traps disassociate
snmp-server enable traps deauthenticate
snmp-server enable traps authenticate-fail
snmp-server enable traps dot11-qos
snmp-server enable traps switch-over
snmp-server enable traps rogue-ap
snmp-server enable traps wlan-wep
snmp-server enable traps config-copy
snmp-server enable traps config
snmp-server enable traps syslog
snmp-server enable traps cpu threshold
snmp-server enable traps aaa_server
snmp-server host 192.168.1.6 public
radius-server attribute 32 include-in-access-req format %h
radius-server vsa send accounting
bridge 1 route ip
line con 0
line vty 0 4
transport input all
sntp server 192.168.1.215
sntp broadcast client
endPlease refer: http://www.cisco.com/c/en/us/td/docs/wireless/access_point/12-4-25d-JA/Configuration/guide/cg_12_4_25d_JA/scg12-4-25d-JA-chap16-filters.html#wp1034897
-
I've been using MAC filtering as part of my home network wireless security for years. This means inputting the MAC address of every device and computer that I want to have connect to my network. So I get my new WiFi + 3G iPad on May 28th and look in Settings to find the MAC address so I can input it into my router info. The router (D-Link) says that it's not a valid MAC format, presumably because it begins with E8 instead of the 00 that all my other devices have. I ended up having to disable MAC address filtering in order to have my iPad connect to my WiFi network. Does anybody have any comments or ideas about how I can get the router to recognize a MAC that begins E8:06 etc.?
Would appreciate any help. Thanks.
GlenysI am using MAC filtering on my network using a Linksys router (WRT300N) and had no problems adding our iPad to the MAC table. Also, if I'm not mistaken, the first portion of a MAC address is unique to the manufacturer, so unless all of your wireless devices are from the same manufacturer (at least the wireless component of the device), then it isn't likely that all of your MAC addresses will start with the same digits. Make sure when you enter the MAC address that you include the colon in between each pair. My Linksys won't accept the MAC address without them. As someone else recommended, you may also want to see if there is a firmware update for your router that addresses this issue. Good Luck.
-
Hyper-V on Windows 8.1 is messing with MAC address when sharing my Wifi card
Hello,
I'm using Hyper-V on Windows 8.1 to build a complete SharePoint Development environment.
All of my VM are following this scheme:
a "local" private network shared between the host and all VM, using a static IP address plan (192.168.10.0/24)
a RJ45 external network, attached to my physical ethernet card. This network uses DHCP protocol
a WIFI external network, attached to my wireless network card. This network also use DHCP protocol
When plugged on the ethernet card, I have no issue. Both the host and the guest OSes are getting a valid IP address.
However, when I try to connect on the wireless card, I get some weird errors. Actually, my guest OS are getting the same IP address than the host. This issue an IP address conflict.
Someone else got the same kind of behavior : Windows 8.1
Hyper-V : IP address conflict on Guest OS
I've checked my MAC address plan, and it seems correct.
Using WireShark (a tool I'm not used to I admit), I can see that all DHCP request of the guest os, are sending the host MAC address, and not the guest' one.
Does anyone have an answer to this weird behavior?
Thanks,
steve
Paying back the community for its help by writing articles :
Have a Nice Day.Net BlogHi Steve,
Please try the following step and then retry ipconfig /renew in your VM :
1. Configure the WI-FI router to assign a static IP address to the host’s wireless network adapter(the IP should not be in DHCP Pool).
2. On the host, configure the wireless network adapter to use a static IP address. The IP address will be the same address configured in step 1.
3. Using Hyper-V Manager, create an external network switch that is bound to the host’s wireless network adapter
Hope this helps
Best Regards
Elton Ji
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place.
Hi Elton,
First of all, thanks for your effort.
I will try your suggestion, but even if it works, it won't solve the actual root the issue.
Moreover, it is only relevant if I can control every wireless network I'm connecting to. What about if I travel and I connect with a customer wireless network? what about an hotel wireless network?
As I said, wireshark shows me DHCP requests using the wrong IP address. I strongly believe there's a bug somewhere between the wireless card driver and Hyper-v Mac-Bridge service.
Steve
Paying back the community for its help by writing articles :
Have a Nice Day.Net Blog -
I just got a new laptop form work and wanted to add it to my home network. Even though I put in the MAC address, it continue to ask me to put in the router password. Not only that, it started to do that with my other devices within my home network.
With Airport Express setup being relatively quick and easy, I would put the work laptop aside while you reestablish your home network and ensure that your non-work devices operate without having to re-enter Router Passwords. Once that is done, I would turn the work laptop on and see if it discovers the home network. Once you have entered the network password once, look for an option to remember the network. It may be defaulting to your work network on each re-connect.
-
How to find which port on the switch that it connected with Mac address?
Hi,
I am trying to find which port of the switches it connected to thru mac-address?
I am able to get the mac-address from the ip address when i do
"show ip dhcp binding snooping" at the core switch.
But when I move on to the Edge switch to check which PC with this Mac address connected to the port,i returned with no result.(onli trunk port result)
I use sh ip arp | inc 000d.60cb.445d
but didn't give me which port it connected to.
How to solve this problem?
thanks!
KLHi KL,
If you are already on the edge switch you can run a command "sh mac-address-table address " and it will give you the port number.
Incase you get a port which is a trunk port that means the end device does not exist on this switch and exist on some downstream switch. So you can just find out the ip address of the downstream switch with "sh cdp neigh detail" command and connect to that downstream switch and then again issue the command "sh mac-address-table address " and check the port number and follow the above steps till the time you get the switch on whcih end host is connected.
HTH, if yes please rate the post.
Ankur -
Replace icloud address book with Mac address book?
I just created my icloud account on my Mac- I already had it set up on my iphone. When I did this, it pulled my address book from my icloud but my address book On My Mac is most up to date. How can I replace my icloud address book with my Mac address book on my mac?
Welcome to the Apple Community.
Go to users and groups and choose only your On My Mac Contacts to display.
Ensure that nothing is typed in the search field.
Click to select the first contact and shift-click the last to select them all.
Drag the list of contacts to your desktop.
Delete the contacts from Address Book (using your delete key).
Now choose only your iCloud Contacts to display
Ensure that nothing is typed in the search field.
Click to select the first contact and shift-click the last to select them all.
Delete the contacts from Address Book (using your delete key).
Make sure your iCloud account is your default account (preferences > general).
Select All iCloud contacts from users and groups.
Drag the file you previously dragged to your desktop back onto Address Book.
You might want to back up all your contacts before you begin.
Select All contacts in users and groups
Click to select the first contact and shift-click the last to select them all.
Drag the list of contacts to your desktop. -
Sync Treo 755p with Mac address book and ical
I just bought a Treo 755p Verizon. I loaded in the Palm software, but it does not sync with the mac address book. I don't want to have to re-enter 600 contacts. How can I get Palm and Mac address book to talk to each other?
Post relates to: Treo 755p (Verizon)Well, I got some good news for you. I just synced my Treo 755p with my Macbook Pro using both the palm sync and isync. It synced both my iCal & Address book. It has to do with the conduit setting in the palm sync manager. Here's what I did...try it and let me know.
I downloaded the latest version of the Palm Desktop (although I do not use it)
Then, at the top of the page of the Palm Desktop go to "HotSync" then to "Conduit Settings"
Then highlight "iSync Conduit" by clicking on it and press the big square button at the top called "Conduit Settings"
Then check the box :enable isync for this device" Then click OK.
This did it for me....It's syncing with my ical, addressbook, etc.
Let me know if this helps!!!
Thanks for yours!!
Billy Bob
Post relates to: Treo 755p (Sprint) -
Address Book won't sync with .Mac address book
When I attempt to sync the address book contatcs on my Powerbook with .Mac, after much spinning and churning, it get the error message:
"An inconsistency was detected on .Mac for your Contacts data. You may want to reset .Mac from a computer with good data."
This is the ONLY computer with this contact data. There is no other computer with "good data" to reset .Mac from. I have 776 contacts on this computer and it is my work base. .Mac only has 103 contacts. Sereiously, this is not a joke. You must be prepared to fix your gross errors with this software.
.Mac sync is probably the worse software implementation on the Apple platform. It has wiped on critical and important data on many occasions my cell phone and my wives Motorola phones. Getting errror messages such as these are alarming and terribly distressing. Where have Apple's standards for quality gone?You must be on OS X 10.7 in order to use iCloud.
OS X 10.7 (Lion) is available in the App Store as a digital download. It is $29. Best practice - be sure to make a backup copy of your computer before upgrading any software.
After you download and install 10.7 Lion, you will have an iCloud icon in System Preferences. -
IP address Confilct with Mac Address
I have a windows server domain within which I have four mac users, three of them are using the latest version of leopard and all of them are having the same problem. This has happened three times (twice since I have worked here) and I have not seen any real resolution to the problem. The error I get "IP xxx.xxx.xxx.xxx is in use by the following mac address" happens for no apparent reason. I know very well that the IP address is not in use, and whats more is that the mac address that is said to be in conflict bound to the four diffrent IP addresses is the same on all four computers. This does not make any sense, how can diffrent IP addresses be in conflict with a device that is said to use the same mac address.
I have identified that the mac address is given to a trunk port on one of my cisco switches. I know the switch does not conflict with the IP addresses.is in the same path:
/System/Library/SystemConfiguration/IPConfiguration.bundle/Resources/IPConfigura tion.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>ARPDetectCount</key>
<integer>3</integer>
<key>ARPDetectRetryTimeSeconds</key>
<real>0.015</real>
<key>ARPGratuitousCount</key>
<integer>1</integer>
<key>ARPProbeCount</key>
<integer>3</integer> *YOU NEED TO CHANGE IT*
<key>ARPRetryTimeSeconds</key>
<real>0.4</real>
<key>DHCPAcceptsBOOTP</key>
<false/>
<key>DHCPAllocateLinkLocalAtRetryCount</key>
<integer>2</integer>
<key>DHCPDefendIPAddressCount</key>
<integer>3</integer>
<key>DHCPDefendIPAddressIntervalSeconds</key>
<integer>30</integer>
<key>DHCPFailureConfiguresLinkLocal</key>
<true/>
<key>DHCPInitRebootRetryCount</key>
<integer>2</integer>
<key>DHCPLocalHostNameLengthMax</key>
<integer>15</integer>
<key>DHCPRequestedParameterList</key>
<array>
<integer>1</integer>
<integer>3</integer>
<integer>6</integer>
<integer>15</integer>
<integer>119</integer>
<integer>95</integer>
<integer>252</integer>
<integer>44</integer>
<integer>46</integer>
<integer>47</integer>
</array>
<key>DHCPRouterARPAtRetryCount</key>
<integer>0</integer>
<key>DHCPSelectRetryCount</key>
<integer>3</integer>
<key>DHCPSuccessDeconfiguresLinkLocal</key>
<true/>
<key>DiscoverAndPublishRouterMACAddress</key>
<true/>
<key>DiscoverRouterMACAddressTimeSeconds</key>
<integer>60</integer>
<key>GatherTimeSeconds</key>
<integer>1</integer>
<key>InitialRetryTimeSeconds</key>
<integer>1</integer>
<key>LinkInactiveWaitTimeSeconds</key>
<integer>4</integer>
<key>MaximumRetryTimeSeconds</key>
<integer>8</integer>
<key>MustBroadcast</key>
<false/>
<key>RetryCount</key>
<integer>9</integer>
<key>RouterARPEnabled</key>
<true/>
<key>RouterARPExcludedSSIDs</key>
<array>
<string>tmobile</string>
</array>
<key>Verbose</key>
<false/>
</dict>
</plist>
Message was edited by: Federico_82
Message was edited by: Federico_82
Message was edited by: Federico_82
Maybe you are looking for
-
I have an HP photosmart 2610 4 in1. How can I scan multiple items and put them in the same attachment using e-mail? Using my laptop.
-
Hi there, Chinese and Japanese font / character still cannot display in AIR 13.0 or 14.0.0.103 , Android 4.4.2 Korean font is OK. Any ideas?? Thanks! Contra
-
Connecting stereo speakers to an iMac
I am thinking about making the final jump and just trashing my stereo and running all my music through my iMac. Three questions: 1.) Is the output of an iMac going to be high enough quality to sound good through my stereo speakers? 2.) Is this done b
-
Single GL account Bank Reconcilation
Hi FI Gurus, My client has single Bank account rather than 3 GL account consisting of Main, Issue Clg, deposit Clg. Now they want to do bank reconcilation. Can it be possible to do bank reconcilation for Single GL (main) account. If yes then what I n
-
How to read Image data from oracle DB?
How to read a oracle database object ORDSYS.ORDImage from oracle database? I can get a oracle.sql.STRUCT object from the database, but i can not find the way to convert data to a image object(like oracle.ord.im.OrdImage) I had used "OrdImage imgObjj1