Hi..
I want to know, is it possible to filter specified mac-address can join ssid with PSK Authentication?
In the dash board only MAC-based access control (no encryption) with radius.
Thanks and Regards,
Gibs
I mean, we assign mac-address list manually on the dashboard not using radius
Unfortunately, the only way is using a Radius server.
The best way is to do it with a radius-server. There you can define which MAC-addresses are allowed and also pass the correct passphrase for encryption to the AP. This is done with "iPSK with RADIUS".
What about white-listing mac-address on client menu per ssid? As image attached:
is there any trick to make it happen?
I think it is not what you want. When you put the client in an allow list it will apply the following settings to a client:
It is not a trick, it just won't do what you were asking for as the PC could still join the SSID.
If the workflow is ok for you it can be implemented this way:
So every client still can associate with the ssid, since the firewall rule is deny all. Only the white-listed client could use the ssid for communication. Is that right?
In other words, white-listing is a way to bypass any firewall/policy rule, isnt it?
yep
Have you considered using IPSK instead?
https://documentation.meraki.com/MR/Encryption_and_Authentication/IPSK_Authentication_without_RADIUS