Configuring Mac Filtering For Wlans; Enabling Mac Filtering; Creating A Local Mac Filter; Configuring A Timeout For Disabled Clients - Cisco SD2008T-NA Configuration Manual
4400 series wireless lan controller
Hide thumbs
Also See for SD2008T-NA:
- Configuration manual (46 pages) ,
- Installation manual (160 pages)
Table of Contents
Advertisement
Configuring WLANs
Configuring MAC Filtering for WLANs
When you use MAC filtering for client or administrator authorization, you need to enable it at the WLAN
level first. If you plan to use local MAC address filtering for any WLAN, use the commands in this
section to configure MAC filtering for a WLAN.
Enabling MAC Filtering
Use these commands to enable MAC filtering on a WLAN:
•
•
When you enable MAC filtering, only the MAC addresses that you add to the WLAN are allowed to join
the WLAN. MAC addresses that have not been added are not allowed to join the WLAN.
Creating a Local MAC Filter
Controllers have built-in MAC filtering capability, similar to that provided by a RADIUS authorization
server.
Use these commands to add MAC addresses to a WLAN MAC filter:
•
•
•
Configuring a Timeout for Disabled Clients
You can configure a timeout for disabled clients. Clients who fail to authenticate three times when
attempting to associate are automatically disabled from further association attempts. After the timeout
period expires, the client is allowed to retry authentication until it associates or fails authentication and
is excluded again. Use these commands to configure a timeout for disabled clients:
•
•
Assigning WLANs to VLANs
Use these commands to assign a WLAN to a VLAN:
•
Cisco Wireless LAN Controller Configuration Guide
6-6
Enter config wlan mac-filtering enable wlan-id to enable MAC filtering.
Enter show wlan to verify that you have MAC filtering enabled for the WLAN.
Enter show macfilter to view MAC addresses assigned to WLANs.
Enter config macfilter add mac-addr wlan-id to assign a MAC address to a WLAN MAC filter.
Enter show macfilter to verify that MAC addresses are assigned to the WLAN.
Enter config wlan blacklist wlan-id timeout to configure the timeout for disabled clients. Enter a
timeout from 1 to 65535 seconds, or enter 0 to permanently disable the client.
Use the show wlan command to verify the current timeout.
Enter this command to assign a WLAN to a VLAN:
config wlan vlan wlan-id {default | untagged | vlan-id controller-vlan-ip-address vlan-netmask
vlan-gateway}
Use the default option to assign the WLAN to the VLAN configured on the network port.
–
Use the untagged option to assign the WLAN to VLAN 0.
–
Use the vlan-id, controller-vlan-ip-address, vlan-netmask, and vlan-gateway options to assign
–
the WLAN to a specific VLAN and to specify the controller VLAN IP address, the local IP
netmask for the VLAN, and the local IP gateway for the VLAN.
Chapter 6
Configuring WLANsWireless Device Access
OL-1926-06OL-9141-03
Hide quick links:
Advertisement
Table of Contents
