Meraki

Community

Wi-Fi Access using MAC filtering

Solved
npnitin
Here to help
‎Dec 1 2021 10:27 PM
‎Dec 1 2021 10:27 PM

Wi-Fi Access using MAC filtering

Hi Experts,

 

I want to use MAC filtering to access the wireless network. But I don't have a RADIUS server.

 

Most of the devices are IoT based 

 

So, please guide me on this matter.

 

In this case, I will be installing MR76  

Labels:
0 Kudos
1 Accepted Solution
In response to npnitin
KarstenI
Kind of a big deal
Kind of a big deal
‎Dec 2 2021 5:31 AM
‎Dec 2 2021 5:31 AM

Would still go for "Identity PSK without RADIUS".

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.

View solution in original post

0 Kudos
6 Replies 6
MilesMeraki
Head in the Cloud
‎Dec 2 2021 12:02 AM
‎Dec 2 2021 12:02 AM

Don't see how you'd achieve this without a NAC/Radius server? You could look at doing this with IPSK with Radius using Freeradius (open source).

 

https://documentation.meraki.com/MR/Encryption_and_Authentication/IPSK_with_RADIUS_Authentication

Eliot F | Simplifying IT with Cloud Solutions
Found this helpful? Give me some Kudos! (click on the little up-arrow below)
0 Kudos
KarstenI
Kind of a big deal
Kind of a big deal
‎Dec 2 2021 2:34 AM
‎Dec 2 2021 2:34 AM

As mentioned, RADIUS is needed for that. But as MAC-filtering will not add any security benefit, I would go for "Identity PSK without RADIUS" to give different groups of IoT devices different PSKs and group-policies.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
0 Kudos
In response to KarstenI
npnitin
Here to help
‎Dec 2 2021 5:26 AM
‎Dec 2 2021 5:26 AM

Thanks for your reply.

 

I want to give some details of my ongoing deployment.

 

We use one subnet for all wired and wireless networks so all users including IoT are in one subnet.

 

All IoT devices use only a wireless network and other users connected on the wire.

 

So please advise, how can I implement these policies? 

 

 

0 Kudos
In response to npnitin
KarstenI
Kind of a big deal
Kind of a big deal
‎Dec 2 2021 5:31 AM
‎Dec 2 2021 5:31 AM

Would still go for "Identity PSK without RADIUS".

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
0 Kudos
In response to npnitin
cmr
Kind of a big deal
Kind of a big deal
‎Dec 2 2021 12:18 PM
‎Dec 2 2021 12:18 PM

@npnitin that isn't great from a security point of view IoT devices are notoriously (insert favourite expletive) in terms of updates and general security so I'd look to change to a different setup where you use VLANs and can secure IoT devices off from the rest of the network.

If my answer solves your problem please click Accept as Solution so others can benefit from it.
0 Kudos
BlakeRichardson
Kind of a big deal
Kind of a big deal
‎Dec 2 2021 10:59 AM
‎Dec 2 2021 10:59 AM

@npnitin  Meraki doesn't support the use of MAC filtering without using Radius. Radius is a requirement, if you don't have a radius server your options are set one up or choose a different authentication method.

 

 

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.