'WIRED' MAC address control.
Chaps, good day to you all.
Now I know how to restrict access for any wireless device connecting to my Airport Basestation/Time Capsule, but what if someone wants to connect via cable?
Anybody out there know if it's also possible to manage that at all, (whether from the Airport Utility interface or from terminal etc)?
Thanks.
I don't want the whole device hidden really tho.
It wouldn't be.
I was thinking of a common security type device that offices use to prevent unauthorized access and use of equipment. It's a device similar to a small bird cage, but stronger, with a mechanism to add a lock.
The "bird cage" allows the wireless signal out, but prevents hands from reaching and changing anything on the device.
Message was edited by: Bob Timmons
Similar Messages
-
SCCM 2012 Losing Wired Mac Address of Laptops
When attempting to re-image a laptop I have found that SCCM replaced
the wired MAC address in properties with the wireless MAC. This is only an issue when I go to image as it will not PXE, I get a no boot file received message.
I have been deleting the laptops from SCCM completely and then re-importing them using the wired MAC.
After re-adding the laptop with the wired MAC it is still holding a record of the last PXE Deployment (once deleted the
system will PXE boot fine).
Is there a way to have SCCM actively hold both MAC addresses?I'm in the same boat as JLCARON401. Laptop devices in SCCM seem to forget the MAC address of the wired interface.
Tim, they show up in the Hardware History section of Resource Explorer, but not in the current view. You can see the device listed, but the MAC field is empty.
I just put this together to grab data from the database directly to confirm that the data exists.
SELECT DISTINCT
MACAddress00
FROM
[CM_PEN].[dbo].[Netcard_HIST] netcard
INNER JOIN
[CM_PEN].[dbo].[Computer_System_DATA] computer
ON
netcard.MachineID = computer.MachineID
WHERE
computer.Name00 like 'SMS-LIB-MD%'
AND
netcard.MACAddress00 IS NOT NULL
AND
netcard.AdapterType00 like '%802.3%'
Not sure where to go with this next. I'm looking into it because we're having problems with laptops that charge in a cart are missing updates. I've rigged up a cart with power and a switch so each laptop can be powered up (WOL) during the night to have all
the outstanding deployments installed. -
Time Capsule: Connection possible despite mac address control activated
AirPort Utility version 7.5.2
I control access to my wireless network with WPA2 and restricted mac addresses for years now and I know it worked - but not anymore.
I recently realized, that it is possible to connect a "new" device without registration currently, only the correct password is necessary. I noticed this first when my new iPhone could connect with only password and could reproduce this with another iPhone and a notebook of a friend.
Checking Time Capsule settings everything is okay, mac address controls are set to "Timed Access".
I can't find an explanation for this behaviour on my side and I'm afraid this is a software problem. Can with the same configuration check against please?but you can set access to "never", this does the job too.
Correct. That is what I meant when I said that you can "edit" it.
I have lobbied Apple several times to make this setting and setup more clear. Most users do not understand the confusing "default" rule, which allows access to any computer with the password unless the MAC address is listed in a separate rule. Users assume that no computer will be allowed access unless it is specifically allowed, when that is not the case. It is really confusing. -
WRT54g Version 5.0
Firmware 1.02.8
I have been able to figure out how to block Wireless MAC addresses, and that has been VERY helpful.
( Wireless Tab -> Wireless MAC filter -> Permit Only -> and so on.... )
But I am cannot find out how to block certain wired based MAC addresses. Is this possible?
Solved!
Go to Solution.Yes. With access restrictions.
Of course, as MAC addresses are easily changed, cloned and detected on wireless connections (as MAC addresses are always transferred unencrypted) the wireless mac filter is useless for wireless security. On the wireless, use WPA2 Personal with AES and a strong passphrase. The wireless MAC filter won't make a difference in regard to your WPA2 protected wireless network.
Same applies to wired devices and access restrictions. Of course, the difference with wired connections is that you have better control over you can plug into your router and who not... -
MAC address access control default?
I'm still using old graphite ABS, and all of them
are using MAC address access control.
Just by accident I connected a PB G4 with an
internal extreme Airport card.
The MAC address of this AirPort card wasn't in the
access list of the ABS.
It looks like ABS does only limit access through
MAC addresses for 802.11b cards. I'll spend some time
to double check this behaviour.
Did anyone already see this default of access
control?I'm pretty well aware of the limitations of any kind of
MAC address control: in an hostile environment its a
"straw house" or an "empty extinguisher".
But in a collaborative and friendly environment I thought
it may be a useful "frontier marker" between "friendly" and
clearly "hostile" behaviors.
This belief was foolish. -
How do you change the MAC address in Leopard?
I've found that http://spoofmac.com works great in Leopard... for spoofing the AirPort MAC address. Not so much for the ethernet. It seems that something changed in Leopard and I haven't seen any information about spoofing wired MAC addresses and success under Leopard.
(A legitimate reason to spoof a MAC address: I'm trying to get two ports in my apartment swapped from the student subnet to the faculty subnet. The net admin has no idea which cables are involved and wants to trace MAC addresses. I've got a couple of routers plugged into the ports... but no way of getting the routers to go through the web forms to register with our student ResNet and therefore no way to get the routers (and their MAC addresses) out of their ResNet jail, and make them traceable so I can get these ports swapped. So... I'm trying to spoof their MAC addresses on a machine that can go through the web forms to get those MAC addresses out of jail. Unclear if spoofing the MAC addresses on the wireless will suffice. Ay yi yi.) -
How to find mac address of a client computer in specified time and port in WIFI WCS Control system
how to find mac address of a client computer in specified time and port in WIFI WCS Control system
WCS record-keeping is very crude.
You'll get the time/date when the client authenticated. You'll get the local inside address but you'll need the router to translate the outside IP address and the port.
You will need a proxy server to determine what sites did a wireless client goes. -
MAC address and router access control
My iPhone 3GS can only access the network (through my Netgear KWGR614 wireless router) when the router's MAC address access control is off. When I turn it on the phone is blocked. The MAC address I use is taken from the iPhone settings. It begins with 64. All other MAC addresses I have ever seen begins with 00. Is this MAC address correct? If it is right, could it be that the router can't handle this address?
The first 3 bytes of the mac address identifies the manufacturer. For example, mine starts with 04:1e:64 which is Apple
04-1E-64 (hex) Apple, Inc
041E64 (base 16) Apple, Inc
1 Infinite Loop
Cupertino CA 95014
UNITED STATES
. if it starts with 64 then it belongs to
64-4F-74 (hex) LENUS Co., Ltd.
644F74 (base 16) LENUS Co., Ltd.
18-5 Gwacheon-Dong
Gwacheon Gyeonggi-Do 427-060
KOREA, REPUBLIC OF
check this list : http://standards.ieee.org/regauth/oui/index.shtml
enter your first 3 numbers (first 3 pairs) from your wifi (settings/general/about) (don't use colons in the search)
Not sure about the router as I never tried mac filtering. Each router will behave differently.
Hope this helps. -
Why does my airport express/time capsule show more wireless clients than I've authorized via the MAC address access control?
Sorry, but I have to re-awaken this old thread.
1. I recently purchased a new iPad.
2. With a) a hidden SSID, b) a MAC address-based access control list and c) a WPA2 secured network, I am assuming that no new device should be able to access my WiFi network.
3. When I got home with the new iPad on Friday evening, and started it, it was online without even asking me whether to connect, or what the WPA2 key was.
I find this strange.
Additional information:
4. I also have an iPhone 4S.
5. I used the personal hotspot feature of the iPhone 4S to connect the WiFi-only iPad to the Internet while on the road.
6. That personal hotspot feature was still enabled when I got home with the iPhone and the new iPad.
7. Home network setup:
7a) Fritz.Box 7270 as DSL modem/router (WiFi disabled)
7b) Apple Airport Extreme (v 7.6.4) connected via LAN to DSL router, (in bridge mode, create wireless network), Access control on this base station.
7c) Apple Airport Express (v 7.6.4) connecte to Airport Extreme via WiFi (extend wireless network), Access control not an option on this base station.
8. Native IPv6 enabled on all devices (and provided by ISP).
Any suggestion and help is highly appreciated. -
Broadcast Storm Control - Mac-address flooding
Hi Friends,
We would like to configure broadcast storm control in our LAN to detect/avoid mac-address flooding. What is the best way and Can I know how to decide the raising threshold & falling threshold values ?.. Please suggest.
Regards,
S.TamilvananHello,
the best way is to monitor your network fir 5-6 days in order to find out the normal pattern of broadcast traffic. Then based on results form this monitoring process you can set the thresholds of broadcast traffic. -
User Control System based on MAC address?
I wonder how can I make a user control system for my website based of visitor's computer's MAC addresses?
Is it possible to get MAC address of visitors of my site in FLASH? If possible how?
Thanks for reply in advanceNot possible through flash player. You may advocate javascript approach and use it in combination with Flash.
-
WAP4410N Connectivity control - Illegal MAC address
I use a WAP4410N in Access Point mode and have it configured to control connectivity via approved MAC addresses.
I have just taken delivery of a Nokia 5800 mobile phone from Three that has a MAC address EC:9B:5B:xx:xx:xx.
When entering the 5800 MAC address in the WAP4410N's connectivity control table I get a popup warning "MAC address must be 12 Hex characters (0-9 and A-F) with optional delimiters (: or -), and the second bit is not a odd number". Although it is given as a "warning" it will not accept the MAC address.
I could of course disable the wifi MAC connectivity control without compromising the security too much, but this would be a last resort.
Is there any way around this?
Would you advise me to return the phone (would be a real hassle!!) because it may give problems in the future on other wifi networks?
If I do return the phone there is no guarantee that the replacement would have a more "standard" MAC address. My wife took delivery of the same phone yesterday, but from Orange. It's MAC address starts 00:xx:xx:xx:xx:xx and has presented no problem. I have lodged queries with both Three and Nokia, but had no response as yet.Update: There was something else wrong with this phone (radio didn't work) so I had to return it to my service provider anyway. The replacement phone had a legal MAC address so all is now well.
I would still be interested in the answers to my questions though if anyone has any wisdom in these matters. -
802.1x and wired dynamic vlans on MAC addresses
Hi All,
I would like to setup our new offices with dynamic vlans determined by the MAC address of the device connecting. So I need a database of MAC addresses in groups for which vlan they will go in, with separate vlans for printers and servers and computers and BYOD. If this can work for wireless too then even better.
I've done some reading but am really struggling to find the information I need.
We have a Windows domain and brand new 3850 Cisco switches.
Can anyone steer me in the right direction (or tell me how to do it!) please?
Thanks for reading.Hi,
So you need to perform MAB authentication. As you mentioned, you will need to create a DB of MAC entries.
In order to configure the Windows server (2003 or 2008?) to assign the dynamic VLAN you need to define the Remote Access Policies and create the custom attributes. For example:
Tunnel-Medium-Type. Select a value appropriate to the previous selections you have made for the policy. For example, if the network policy you are configuring is a wireless policy, select Value: 802 (Includes all 802 media plus Ethernet canonical format).
Tunnel-Pvt-Group-ID. Enter the integer that represents the VLAN number to which group members will be assigned.
Tunnel-Type. Select Virtual LANs (VLAN).
You can find more information here:
Configure a Network Policy for VLANs
VLAN Attributes Used in Network Policy
802.1X Authentication Services Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3850 Switches)
HTH. -
Does the ethernet adapter have a MAC address?
Hi, I wonder if anyone can answer this one for me. I use programs under bootcamp that need a 'dongle' to prevent them being used on more than one machine at once. ProE for example uses a Pluscom ethernet adaptor that carries its own unique MAC address that the license is assigned to. My question is, is the Mac ethernet adapter the same? does it have a unique address - should be six pairs of numbers / letters.
Just wondering if I could use one of the Mac adapters for this purpose.
Thanks for any helpYes, the Apple Ethernet adapter will have a Media Access Control (MAC) address. In general, every network adapter (NIC) will have a unique MAC address. So if your program only works with a specifc MAC address, basically you can't install the program on a different computer without contacting the software vendor for a new installation code or whatever. (More specifically, you can't change the NIC. If you change computers, you need to keep the NIC.)
In Windows, to get the MAC address, open a command prompt and type "IPCONFIG /ALL" (without the quotes.) The line that says "Physical Address" is the MAC address. Note that you may have more than one NIC. (Wired, Wi-Fi, etc.) So you need to be sure you get the appropriate MAC address for the desired NIC. -
MAC address change under MacBook Pro MB133PL/A (Penryn) with Mac OSX 10.5.2
Hi,
Do you know how to change MAC address of ethernet LAN card (not Wi-Fi) under MacBook Pro MB133PL/A (Penryn) with Mac OSX 10.5.2 (Leopard) ?
Thanks,I use the terminal.
sudo ifconfig en0 lladdr /enter valid mac address here without the slashes/
press return
enter superuser password
press return
This will change the regular wired ethernet port on you MBP. To change the wireless MAC you should replace the en0 with an en1 but if you have a Airport v1.0 card then it will not work. It might work if you have a v2.0 but people seem to have off an on success with that. Also you can attempt putting ether in place of lladdr if you still have issues that need troubleshooting.
I know there are some legit reasons to change the MAC address and many non-legit ones but lets just say for instance a friend of yours has a network or wireless and they forgot their password to control the settings on that network. Long ago when they made the network they limited access to it by binding it to certain MAC addresses namely theirs. Now they have given you permission to use the network but you can't because your computer does not have their mac address. They cannot make the network give you permission because they forgot their password so they give you thier MAC address and let you trick their network into thinking your computer is actually your friend's and then you are able to surf the internet. They won't just let you use their computer cause they need to write an essay offline for a few hours. This does not violate any terms of service, you got permission and unless there are some other extenuating circumstances this is a legit move. I assume this is the exact reason you want this information.
Maybe you are looking for
-
Meu computador é um Itautec antigo menor de 1G dá para atualizar o Firefox?
Meu computador Itautec tem um espaço livre de 66,2 GB e um tamanho total de 74,5 GB. Uso 0 Windows XP, e o Firefox de uma versão bem antiga, gostaria de saber se a atualização é possível.
-
Where can I download the toolbox for my HP Deskjet 9800?
I used to have the 9800 deskjet toolbox on my other computer but mr computer crashed so I bought a neww HP Desktop and it is using Windows 7. I really need to know where to download the toolbox so I can tell how much ink I have.
-
Conversion Problem from character to number
Dear All, I have a file which i have loaded in the table through SQL loader. After using substring function, i got the desired information. Now I want to put the extracted information in another table. Following is my table defination: RECORD VARCHAR
-
VM NICs keep reverting from dynamic to static IP pool on reboot
I have a 2012 R2 System Center deployment that has been working perfectly for six months. This past week, we added another Hyper-V host into the cluster, and the networking has become problematic for us. VMs that were configured to be "Dynamic" IP ad
-
Where do you go when nobody answers your question?
So I had one reply to an earlier question and it was just another question. I'm on my third day waiting for an answer. Is there another place to go that might give support?