Wireless Access

New Contributor

MAC filtering policies

Hi, I'm running an HA pair of Aruba OAW-7210 with a few SSID's tied to a few VLAN's. Wanted to know if there is a way to create an MAC ACL for a specific SSID to allow traffic from specific MAC OUI, on that VLAN, to a few designated servers only. Essentially, blocking specific MAC from accessing anything else but what is listed in the policy. 


I realize this would be a much easier task if I had RADIUS or Clearpass but circumstance dictates otherwise.


I appreciate the help.

Guru Elite

Re: MAC filtering policies

You would:

- Create a role with your filtered ACLS

- Create a user derivation rule where if the mac OUI is seen it assigns users to that role.  https://community.arubanetworks.com/t5/Controller-Based-WLANs/How-do-I-use-the-user-derivation-rule-to-set-the-role-using-a/ta-p/182426

- Assign that user derivation rule to the AAA profile assigned to that Virtual AP:



*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
New Contributor

Re: MAC filtering policies

Thanks for a quick respond 

Search Airheads
Showing results for 
Search instead for 
Did you mean: