Wi-Fi Access using MAC filtering

SOLVED
npnitin
Here to help

Wi-Fi Access using MAC filtering

Hi Experts,

 

I want to use MAC filtering to access the wireless network. But I don't have a RADIUS server.

 

Most of the devices are IoT based 

 

So, please guide me on this matter.

 

In this case, I will be installing MR76  

1 ACCEPTED SOLUTION
KarstenI
Kind of a big deal
Kind of a big deal

Would still go for "Identity PSK without RADIUS".

View solution in original post

6 REPLIES 6
MilesMeraki
Head in the Cloud

Don't see how you'd achieve this without a NAC/Radius server? You could look at doing this with IPSK with Radius using Freeradius (open source).

 

https://documentation.meraki.com/MR/Encryption_and_Authentication/IPSK_with_RADIUS_Authentication

Eliot F | Simplifying IT with Cloud Solutions
Found this helpful? Give me some Kudos! (click on the little up-arrow below)
KarstenI
Kind of a big deal
Kind of a big deal

As mentioned, RADIUS is needed for that. But as MAC-filtering will not add any security benefit, I would go for "Identity PSK without RADIUS" to give different groups of IoT devices different PSKs and group-policies.

Thanks for your reply.

 

I want to give some details of my ongoing deployment.

 

We use one subnet for all wired and wireless networks so all users including IoT are in one subnet.

 

All IoT devices use only a wireless network and other users connected on the wire.

 

So please advise, how can I implement these policies? 

 

 

KarstenI
Kind of a big deal
Kind of a big deal

Would still go for "Identity PSK without RADIUS".

cmr
Kind of a big deal
Kind of a big deal

@npnitin that isn't great from a security point of view IoT devices are notoriously (insert favourite expletive) in terms of updates and general security so I'd look to change to a different setup where you use VLANs and can secure IoT devices off from the rest of the network.

BlakeRichardson
Kind of a big deal
Kind of a big deal

@npnitin  Meraki doesn't support the use of MAC filtering without using Radius. Radius is a requirement, if you don't have a radius server your options are set one up or choose a different authentication method.

 

 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels