Wireless Access

Can we setup   Mac filtering  on Aruba 7010 with OS 8.6 ?

Only allow the user in the MAC white list ?

Yes, there is a few ways to do it depending on your authentication source. 

MAC Based Authentication

Can we setup   Mac filtering  on Aruba 7010 with OS 8.6 ?

Only allow the user in the MAC white list ?

Hi Syme,

Thanks for your reply .My thought is using WPA2 for authentication ,but only allow the users on the MAC white list  .

Seems MAC authentication can't  archieve this goal .

Yes, there is a few ways to do it depending on your authentication source. 

MAC Based Authentication

Can we setup   Mac filtering  on Aruba 7010 with OS 8.6 ?

Only allow the user in the MAC white list ?

Can we setup   Mac filtering  on Aruba 7010 with OS 8.6 ?

Only allow the user in the MAC white list ?

Can we setup   Mac filtering  on Aruba 7010 with OS 8.6 ?

Only allow the user in the MAC white list ?

Do you want to whitelist every MAC address? That means create a user for each MAC address?
You can solve this with the help of the internal authentication server. In the used AAA profile you have to create MAC Authentication Profile under "MAC Authentication", under "MAC Authentication Server Group" you have to select the "internal" server.

In the internal server you can create one user per MAC address. You can find the internal server under Configuration/authentication/Auth Servers.

With each WLAN connection the internal server is requested, if the MAC-Address-User exists the aruba user role configured by you is assigned to the device. If  not the device remains in the initial role from the AAA profile.

Can we setup   Mac filtering  on Aruba 7010 with OS 8.6 ?

Only allow the user in the MAC white list ?

My configuration as below ,But seems user can access the WLAN did not need to add to internal user 

Do you want to whitelist every MAC address? That means create a user for each MAC address?
You can solve this with the help of the internal authentication server. In the used AAA profile you have to create MAC Authentication Profile under "MAC Authentication", under "MAC Authentication Server Group" you have to select the "internal" server.

In the internal server you can create one user per MAC address. You can find the internal server under Configuration/authentication/Auth Servers.

With each WLAN connection the internal server is requested, if the MAC-Address-User exists the aruba user role configured by you is assigned to the device. If  not the device remains in the initial role from the AAA profile.

Can we setup   Mac filtering  on Aruba 7010 with OS 8.6 ?

Only allow the user in the MAC white list ?

Hi, what is the initial role in the AAA profile? since the ssid is/was PSK, the role is, probably, authenticated already and you need to change to logon (something that doesn't have access to the network until is authenticated) and then, the device will get the role configured in the internal database for that mac-add.

If you get this working and wants to assign a different role let us know and we can continue. 

I hope this helps

My configuration as below ,But seems user can access the WLAN did not need to add to internal user 

Do you want to whitelist every MAC address? That means create a user for each MAC address?
You can solve this with the help of the internal authentication server. In the used AAA profile you have to create MAC Authentication Profile under "MAC Authentication", under "MAC Authentication Server Group" you have to select the "internal" server.

In the internal server you can create one user per MAC address. You can find the internal server under Configuration/authentication/Auth Servers.

With each WLAN connection the internal server is requested, if the MAC-Address-User exists the aruba user role configured by you is assigned to the device. If  not the device remains in the initial role from the AAA profile.

Can we setup   Mac filtering  on Aruba 7010 with OS 8.6 ?

Only allow the user in the MAC white list ?

Hi Lord,

The default rols is aready logon,and seems un changeable. 

Hi, what is the initial role in the AAA profile? since the ssid is/was PSK, the role is, probably, authenticated already and you need to change to logon (something that doesn't have access to the network until is authenticated) and then, the device will get the role configured in the internal database for that mac-add.

If you get this working and wants to assign a different role let us know and we can continue. 

I hope this helps

My configuration as below ,But seems user can access the WLAN did not need to add to internal user 

Do you want to whitelist every MAC address? That means create a user for each MAC address?
You can solve this with the help of the internal authentication server. In the used AAA profile you have to create MAC Authentication Profile under "MAC Authentication", under "MAC Authentication Server Group" you have to select the "internal" server.

In the internal server you can create one user per MAC address. You can find the internal server under Configuration/authentication/Auth Servers.

With each WLAN connection the internal server is requested, if the MAC-Address-User exists the aruba user role configured by you is assigned to the device. If  not the device remains in the initial role from the AAA profile.

Can we setup   Mac filtering  on Aruba 7010 with OS 8.6 ?

Only allow the user in the MAC white list ?

Hi, can you show what is configured in AAA profiles - Teset_aaa as the initial and default roles? Click on Test_aaa when you are on the profiles page.

Hi Lord,

The default rols is aready logon,and seems un changeable. 

Hi, what is the initial role in the AAA profile? since the ssid is/was PSK, the role is, probably, authenticated already and you need to change to logon (something that doesn't have access to the network until is authenticated) and then, the device will get the role configured in the internal database for that mac-add.

If you get this working and wants to assign a different role let us know and we can continue. 

I hope this helps

My configuration as below ,But seems user can access the WLAN did not need to add to internal user 

Do you want to whitelist every MAC address? That means create a user for each MAC address?
You can solve this with the help of the internal authentication server. In the used AAA profile you have to create MAC Authentication Profile under "MAC Authentication", under "MAC Authentication Server Group" you have to select the "internal" server.

In the internal server you can create one user per MAC address. You can find the internal server under Configuration/authentication/Auth Servers.

With each WLAN connection the internal server is requested, if the MAC-Address-User exists the aruba user role configured by you is assigned to the device. If  not the device remains in the initial role from the AAA profile.

Can we setup   Mac filtering  on Aruba 7010 with OS 8.6 ?

Only allow the user in the MAC white list ?

My configuration as below ,But seems user can access the WLAN did not need to add to internal user 

Do you want to whitelist every MAC address? That means create a user for each MAC address?
You can solve this with the help of the internal authentication server. In the used AAA profile you have to create MAC Authentication Profile under "MAC Authentication", under "MAC Authentication Server Group" you have to select the "internal" server.

In the internal server you can create one user per MAC address. You can find the internal server under Configuration/authentication/Auth Servers.

With each WLAN connection the internal server is requested, if the MAC-Address-User exists the aruba user role configured by you is assigned to the device. If  not the device remains in the initial role from the AAA profile.

Can we setup   Mac filtering  on Aruba 7010 with OS 8.6 ?

Only allow the user in the MAC white list ?