Security

Reply
Highlighted
Occasional Contributor II

Re: MAC Auth Service for AP's, Printers, Etc.

Hello, I'm bringing up this old thread because I have similiar issue.

 

Question: It's possible in role mapping(or enforcement) check if the mac is known or unknown in the endpoints database?

 

---

 

I have thousands of VOIP that makes impossible to mark all of them with mac known. So I'm using [Allow All MAC AUTH], then I have role mapping and enforcement, if category = VOIP then Permit access

 

It's working fine.

But now I need to grant MAB for some computers.

I can't use the same flow, because if I do it, I will grant access to all computers. I want to only grant MAB for mac address that I set as 'known'

 

Highlighted
Frequent Contributor II

Re: MAC Auth Service for AP's, Printers, Etc.

You can create a new Enforcement Policy (or add to an existing MAC Auth Enforcement policy) that looks like this:

Authorization [Endpoints Repository]: Status EQUALS Known 

 

Actions:  Allow Access Profile

 

 

Highlighted
Occasional Contributor II

Re: MAC Auth Service for AP's, Printers, Etc.

Thank you Ryan! 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: