4-33
Cisco Aironet 1200 Series Access Point Software Configuration Guide
OL-2159-01
Chapter 4 Security Setup
Setting Up MAC-Based Authentication
devices to authenticate using MAC addresses. To force all client devices to
authenticate using MAC addresses, select Disallowed for all the enabled
authentication types.
When you set Default Unicast Address Filter to disallowed, the access point
discards all unicast traffic except packets sent to the MAC addresses listed as
allowed on the authentication server or on the access point’s Address Filters page.
Note Client devices associated to the access point are not immediately affected
when you set Default Unicast Address Filter to disallowed.
Step 16 Click OK. You return automatically to the Setup page. Client devices that
associate with the access point will not be allowed to authenticate unless their
MAC addresses are included in the list of allowed addresses.
Enabling MAC-Based Authentication in Cisco Secure ACS
Cisco Secure Access Control Server for Windows NT/2000 Servers (Cisco Secure
ACS) can authenticate MAC addresses sent from the access point. The access
point works with ACS to authenticate MAC addresses using Secure Password
Authentication Protocol (Secure PAP). You enter a list of approved MAC
addresses into the ACS as users, using the client devices’ MAC addresses as both
the username and password. The authentication server’s list of allowed MAC
addresses can reside on the authentication server or at any network location to
which the server has access.
Follow these steps to create a list of allowed MAC addresses in Cisco Secure
ACS:
Step 1 On the ACS main menu, click User Setup.
Step 2 When the User text box appears, enter the MAC address you want to add to the
list.
To Next Page
Loading...
