A Media Access Control (MAC) address is a
hardware address that uniquely identifies each node of a network. All IEEE 802
network devices share a common 48-bit MAC address format, usually
displayed as a string of 12 hexadecimal digits separated by colons, for
example
00:DC:BA:09:87:65.
Each wireless network interface card (NIC) used by a wireless client has a
unique MAC address.
You can use the Administrator UI on the AP or
use an external RADIUS server to control access to the network through the
AP based on the MAC address of the wireless client. This feature is called
MAC Authentication or MAC Filtering. To control access, you configure a global
list of MAC addresses locally on the AP or on an external RADIUS server. Then,
you set a filter to specify whether the clients with those MAC addresses are
allowed or denied access to the network. When a wireless client attempts to
associate with an AP, the AP looks up the MAC address of the client in the
local Stations List or on the RADIUS server. If it is found, the global allow
or deny setting is applied. If it is not found, the opposite is applied.
On the Virtual Access Point Settings page, the MAC
Auth Type setting controls whether the AP uses the station list configured
locally on the
Client Connection Control
page or the external RADIUS server. The Allow/Block filter setting on
the
Client Connection Control page
determines whether the clients in the station list (local or RADIUS) can
access the network through the AP.
If you use RADIUS MAC authentication for
MAC-based access control, you must configure a station list on the RADIUS
server. The station list contains client MAC address entries, and the
format for the list is described in the following table.
