WESM zl Management and Configuration Guide WT.01.28 and greater
12-75
Wireless Network Management
MAC Filters (Local MAC Authentication)
To export the information in one or more alarms, select those alarms and click the
Export button. On the screen that is displayed, select a filename and a location for
the logs, which are saved as a comma-separated file.
MAC Filters (Local MAC Authentication)
The Wireless Edge Services zl Module can control which wireless stations connect
to a WLAN according to their MAC, or hardware-based, addresses. You configure
standard MAC ACLs, or filters, and the module blocks stations denied by those ACLs
before they can authenticate and associate with the WLAN.
MAC authentication can act by itself or in conjunction with another form of
authentication. For example, you could configure ACLs for MAC authentication and
apply them to a WLAN; you could also enable Web authentication on that WLAN.
When a station attempts to connect to the WLAN, the module first checks the station’s
MAC address. If the ACLs allow the station, the module lets the station proceed to
associate to the WLAN and complete the Web authentication.
MAC authentication is particularly important with Web authentication because
without it, stations can actually connect to the WLAN before they authenticate.
The module supports up to 1,000 ACLs, each of which can specify a range of MAC
addresses.
To configure MAC authentication, complete these steps:
1. Configure one or more filters, or ACLs.
2. Configure WLAN memberships for each ACL.
Configuring MAC Standard ACLs (Filters)
When configuring ACLs on the module, keep these rules in mind:
■ ACLs are ordered by index number.
■ The module processes ACLs that are applied to a WLAN starting with the ACL
that has the lowest index number. The module stops processing the ACLs as soon
as it finds a match for the station’s MAC address.
■ The module supports two types of ACLs:
• Allow ACLs—If the module matches a station to this ACL, it permits traffic
from the station.