+ Post New Thread
Results 1 to 3 of 3
Wireless Networks Thread, MAC filtering - Procurve Wireless Edge Services WS.02.27 in Technical; Hi, We have nearly site wide HP wireless edge module on a 5304xl switch. This has nearly 40 APs loitered ...
  1. #1

    Theblacksheep's Avatar
    Join Date
    Feb 2008
    Location
    In a house.
    Posts
    1,934
    Thank Post
    138
    Thanked 290 Times in 210 Posts
    Rep Power
    193

    MAC filtering - Procurve Wireless Edge Services WS.02.27

    Hi,

    We have nearly site wide HP wireless edge module on a 5304xl switch. This has nearly 40 APs loitered around the site.

    It was setup to have a few different SSID for access for Teacher Laptops, class laptops and minibooks on different VLANS.

    However this has no authentication but it does have tkip encryption. Seeing as the CC3 system is on its way out in 6 months, 802.1x was gonna wait until everything is up and running... anyway...

    I wanted to prove access for a limited amount of non school owned devices (iphones, pda's) to get onto this AP and access our exchange 2003 box for some mail if they wish. Creation of the SSID is ok, link it to a VLAN and tag the uplinks in the 5304, all ok....

    however, put on 'mac authentication' and it'll never get an IP.

    The mac filter has two ACLs:

    #100 A client PC - allow
    #1000 00etc-FFetc - deny.

    these are associated with the WLAN SSID.

    Even if i change the #1000 acl it'll still not doing a thing except getting a 169 address. Turn MAC filtering off and its fine.... anyone got any experience with these HP wireless systems??

    and no we dont want to be sold a new wireless system.

  2. #2
    DMcCoy's Avatar
    Join Date
    Oct 2005
    Location
    Isle of Wight
    Posts
    3,456
    Thank Post
    10
    Thanked 494 Times in 434 Posts
    Rep Power
    112
    Have you tried specifying the mac as a start and end address? Thats what I have to do for the zl modules (start and end being the same for a single MAC).

  3. #3

    Theblacksheep's Avatar
    Join Date
    Feb 2008
    Location
    In a house.
    Posts
    1,934
    Thank Post
    138
    Thanked 290 Times in 210 Posts
    Rep Power
    193
    Quote Originally Posted by DMcCoy View Post
    Have you tried specifying the mac as a start and end address? Thats what I have to do for the zl modules (start and end being the same for a single MAC).
    Thanks for the reply.



    Yeah the "#100 A client PC - allow" client is a PC specified by MAC address at both start and end.

    The #1000 is a block all (0000000001-FFFFFFFFFE) but i've set that to allow all too and no luck.


    No mac auth: Connected and got IP from correct vlan straigh away.

    mac auth on and mac specified in allow list: Connects but no IP.

    Mac auth on but not listed in allow list: No connection and no ip.

SHARE:
+ Post New Thread

Similar Threads

  1. Mac Terminal Services
    By StuartC in forum Mac
    Replies: 5
    Last Post: 1st September 2009, 08:17 PM
  2. MAC Based vlan allocation with procurve switches (11x)
    By AlexB in forum Wireless Networks
    Replies: 25
    Last Post: 21st September 2008, 05:56 PM
  3. Wireless Advice Procurve 420 AP
    By markwilliamson2001 in forum Wireless Networks
    Replies: 7
    Last Post: 2nd July 2008, 01:01 PM
  4. Mulitcast Filtering on Procurve Core
    By mrforgetful in forum Wireless Networks
    Replies: 11
    Last Post: 27th March 2007, 09:15 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •