Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Block device by manufacturer in MX network

MarcP
Kind of a big deal
‎Aug 29 2019 11:56 PM
‎Aug 29 2019 11:56 PM

Block device by manufacturer in MX network

Hi all,

 

Within a MX-only network, is there a way to block devices by its manufacturer automatically?

As we have no HP devices in our company I would like to block these (external technicians have them) devices instantly, when they connect theirselfs to the MX (they just want to check the internetconnection, but I don´t want them in our networks at any time).

 

Thanks, regards

Marc

0 Kudos
Subscribe
3 Replies 3
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Aug 30 2019 2:21 AM
‎Aug 30 2019 2:21 AM

If you have a typical configuration with unauthenticated ports - you can't block them.

 

You could enabled 802.1x port authentication and MAC address bypass and use something like FreeRADIUS and write a small script to permit or deny access by just the MAC address.

https://documentation.meraki.com/MX/Access_Control_and_Splash_Page/MX_Access_Policies_(802.1X)#MAC_a...

 

https://wiki.freeradius.org/guide/Mac-Auth

0 Kudos
Subscribe
In response to PhilipDAth
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Aug 30 2019 2:22 AM
‎Aug 30 2019 2:22 AM

Actually you probably don't even need a script.  You could probably get away with a regular expression.

Subscribe
In response to PhilipDAth
MarcP
Kind of a big deal
‎Aug 30 2019 2:34 AM
‎Aug 30 2019 2:34 AM

Thanks Phiip, I´ll try that

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.