From: Dennis Laganiere (dennisl@xxxxxxxxxxxxxxxxxxx)
Date: Tue Jul 09 2002 - 18:04:36 GMT-3
Thank you all for your helpful suggestions. Below is the configuration that
did what I wanted: to block all but a select list of MAC addresses from
accessing my network through a wireless access point. The configuration
below allows me to add MAC addresses as my users buy NICs. Keep in mind
this is a temporary solution until I buy a Cisco Aironet 1200, which people
have told me has some of this functionality built in.
Thanks...
--- Dennis
R2#sh run
Building configuration...
Current configuration : 830 bytes
!
version 12.1
hostname R2
no logging console
enable password cisco
!
ip subnet-zero
no ip domain-lookup
!
bridge irb
!
interface Ethernet0
no ip address
bridge-group 1
bridge-group 1 input-address-list 705
!
interface Ethernet1
no ip address
bridge-group 1
!
ip classless
ip http server
!
access-list 705 permit 0000.****.abaa 0000.0000.0000
access-list 705 permit 0050.****.7a4c 0000.0000.0000
!
bridge 1 protocol ieee
alias exec co config t
alias exec i show ip route
!
-----Original Message-----
From: Dennis Laganiere [mailto:dennisl@advancedbionics.com]
Sent: Monday, July 08, 2002 11:05 AM
To: 'cisco@groupstudy.com'; 'ccielab@groupstudy.com'
Subject: Mac Layer access list
I looked through the CCO, the groupstudy archive and my stack of cisco press
books, but I can't find any information about setting up an ACL for MAC
addresses. Has anybody done it before?
Here's what I'm trying to do: I've got a wireless access point that lets
just anybody join. I want to put a router upstream to block all but a
limited number of pre-defined MAC addresses. Any thoughts?
This archive was generated by hypermail 2.1.4 : Sat Sep 07 2002 - 19:36:23 GMT-3