Wireless Access

 View Only
last person joined: 7 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

AOS 10 MAC Filter for Wireless

This thread has been viewed 19 times

  • 1.  AOS 10 MAC Filter for Wireless

    Posted 14 days ago

    Looking for someone to point me to a how-to or something similar. Im looking for information on how to create a mac filter for ssid's via ClearPass. Currently in AOS 8 you can make ssid's filter device connections via mac address on the VC local server. But going into AOS 10 that local server feature has been removed. So the next option is to use ClearPass. Im not familiar with ClearPass and was hoping to find direction on how to get a mac address repository setup to when users connect to a ssid ClearPass will grant the connection based on the mac address list.



    ------------------------------
    Mr. MKP
    Network Administrator
    ------------------------------


  • 2.  RE: AOS 10 MAC Filter for Wireless

    EMPLOYEE
    Posted 14 days ago

    You would be better off searching over in the Security discussion board which covers ClearPass.  The preferred method these days is using Device Registration (a.k.a the guest device repository) for capturing of devices by MAC address along with setting of a role.



    ------------------------------
    Carson Hulcher, ACEX#110
    ------------------------------

    Original Message


  • 3.  RE: AOS 10 MAC Filter for Wireless

    Posted 14 days ago

    will do. thanks.



    ------------------------------
    Mr. MKP
    Network Administrator
    ------------------------------

    Original Message


  • 4.  RE: AOS 10 MAC Filter for Wireless

    MVP
    Posted 14 days ago

    We do not use Aruba Central but use ClearPass extensively. For MAC Address authentication & filtering I can think of 3 options. We only use thr first 2.

    1. The Guest Devices database can be used for MAC authentication.
      1. Multiple device roles available
      2. Time expiry available
    2. You can use an external database as an Authentication Source. We use some tables from an MSSQL cluster.
    3. You could use a regex filter in the service definition



    ------------------------------
    Bruce Osborne ACCP ACMP
    Liberty University

    The views expressed here are my personal views and not those of my employer
    ------------------------------

    Original Message


  • 5.  RE: AOS 10 MAC Filter for Wireless
    Best Answer

    EMPLOYEE
    Posted 14 days ago

    Why not use Cloud Authentication and policy, which is part of Central/AOS10?

    Works great for MAC filtering if you import the list of MAC addresses and create a policy around that. 



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------

    Original Message


  • 6.  RE: AOS 10 MAC Filter for Wireless

    Posted 13 days ago

    Thanks Herman. Got this working. Not sure why I was not told about this from the Aruba engineer thats on my account. They told me there was no way to do mac filtering like I was doing via AOS 8 with a VC.



    ------------------------------
    Mr. MKP
    Network Administrator
    ------------------------------

    Original Message