System information
Wireless Security Configuration
Configuring MAC Address Authentication
If you choose to configure RADIUS MAC authentication and 802.1X together,
the RADIUS MAC address authentication occurs before 802.1X authentica-
tion. If the RADIUS MAC authentication is successful, 802.1X authentication
is performed. When RADIUS MAC authentication fails, 802.1X authentication
is not performed.
No t e The access point does not support a security combination of RADIUS MAC
authentication and WPA with 802.1X or WPA pre-shared key.
Web: Configuring MAC Address Authentication
The MAC Authentication window on the Wireless Interfaces SSID Configuration
window enables the SSID interface to be configured to use MAC address
authentication.
The web interface enables you to modify these parameters:
■ MAC Authentication: The type of authentication method the system
employs when authenticating a wireless client’s MAC address.
• Local MAC: The MAC address of the associating station is compared
against the local database stored on the access point. The Local MAC
Authentication section enables the local database to be set up. The
access point supports up to 1024 MAC addresses.
• Radius MAC: The MAC address of the associating station is sent to
a configured RADIUS server for authentication.
• Disable: No checks are performed on an associating station’s MAC
address.
■ MAC Authentication Refresh Rate: Sets the interval (in seconds) at
which associated clients will be reauthenticated with the RADIUS server
authentication database. Setting a value of zero seconds disables reau-
thentication.
■ Local MAC Authentication: Configures the local MAC authentication
database. The MAC database provides a mechanism to take certain
actions based on a wireless client’s MAC address. The MAC list can be
configured to allow or deny network access to specific clients.
• MAC Table Permission: Specifies the action for MAC addresses
listed in the local MAC database table.
– Deny: Blocks access for all MAC addresses listed in the local
database that are set to Active. All other client MAC addresses are
permitted access.
– Allow: Permits access only for MAC addresses listed in the local
database that are set to Active. All other client MAC addresses are
blocked.
7-32