Rather than SHL, use device registration so that you have an actual database of entries rather than a cumbersome list that is prone to errors.
------------------------------
Carson Hulcher, ACEX#110
------------------------------
Original Message:
Sent: Apr 11, 2024 01:47 PM
From: ahollifield
Subject: Blacklisting users
Profiling
Original Message:
Sent: Apr 11, 2024 01:42 PM
From: rwiggs@texasrangers.com
Subject: Blacklisting users
If static host lists are not recommended, How do you do mac auth bypass?
------------------------------
rwiggs
Original Message:
Sent: Apr 11, 2024 01:29 PM
From: Unknown User
Subject: Blacklisting users
Static Hosts Lists are legacy ClearPass feature and are no longer recommended for use. This method also has no protection against MAC spoofing.
Original Message:
Sent: Apr 11, 2024 12:44 PM
From: rwiggs@texasrangers.com
Subject: Blacklisting users
I built a static host list called blacklist, added the mac-addresses to the list, then built the role, profile and service. It works great for me.
------------------------------
rwiggs
Original Message:
Sent: May 08, 2019 05:03 AM
From: alexatyork
Subject: Blacklisting users
o.k. fair enough. We do "things" to blacklist people anyway,just wondered if it was a general "blacklist feature" in policy manager