Can I block all MACs but those that are whitelisted?

ORC
Conversationalist

Can I block all MACs but those that are whitelisted?

I would like to block all MAC addresses (can also use host name) except those that are whitelisted on an SSID

6 REPLIES 6
ww
Kind of a big deal
Kind of a big deal

You could do that using  authentication like radius.

 

Or

you have to make firewall rules in the ssid that blocks all traffic, and then whitelist /assign a group policy to the client 

 

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Blocking_and_Allowing...

UKDanJones
Building a reputation

MAC filtering is not an effective security strategy. They can be easily found and spoofed. I demoed this to a client and it took me a few minutes to gain access to their network.

Please feel free to hit that kudos button
ORC
Conversationalist

I understand the possible issues with MAC filtering and plan on using AD credentials along with it.  MAC filtering is an additional check

UKDanJones
Building a reputation

okay cool, you'll need something like ISE if you want to do this.

Please feel free to hit that kudos button
ORC
Conversationalist

I have AD setup through use of the splash page in the dashboard.  I am just trying to use MAC filtering along with it and would like to know if it can be done.  My goal is to prevent not organization owned devices from accessing the internal LAN since a legitimate user can use a personal device to enter AD credentials on the splash page

PhilipDAth
Kind of a big deal
Kind of a big deal

@ww gave you the best solution.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels