WESM zl Management and Configuration Guide WT.01.XX and greater

Wireless Network Management
MAC Filters (Local MAC Authentication)
Configuring MAC Standard ACLs (Filters)
When configuring ACLs on the module, keep these rules in mind:

- ACLs are ordered by index number.
  The module processes ACLs that are applied to a WLAN starting with the ACL that has the lowest index number. The module stops processing the ACLs as soon as it finds a match for the station’s MAC address.
- The module supports two types of ACLs:
  - Allow ACLs—If the module matches a station to this ACL, it permits traffic from the station.
  - Deny ACLs—If the module matches a station to this ACL, it blocks all traffic from the station, and the station cannot associate to the WLAN.
- By default, the module allows all stations. Unless you explicitly deny a station in an ACL, it can connect.

You will generally follow one of two strategies for MAC authentication:

- Deny all stations except a select group of authorized stations.
  In this case, you should create one or more allow ACLs that specify the group of authorized stations. Then you should create a deny ACL that specifies all stations (00-00-00-00-00-00 through FF-FF-FF-FF-FF-FF). The index numbers for the allow ACLs must be lower than that for the deny ACL.
- Allow all stations except a select group of unauthorized stations.
  In this case, you should create one or more deny ACLs that specify the MAC addresses of unauthorized stations. You do not need to create an allow ACL, because allowing all stations is the module’s default behavior.

You can, of course, also combine the strategies—for example, deny one station that falls within a range of allowed stations.
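
The rules above (lowest index first, stop at the first match, allow when nothing matches) can be modelled offline to check a planned ACL set before entering it. This is an added example, not the module's own code: the names MacAcl, evaluate and shadowed are hypothetical, and the MAC ranges are constructed sample values.

```python
from dataclasses import dataclass

def mac_to_int(mac: str) -> int:
    """Parse 'AA-BB-CC-DD-EE-FF' (or ':' separated) into a 48-bit integer."""
    digits = mac.replace("-", "").replace(":", "")
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return int(digits, 16)

@dataclass(frozen=True)
class MacAcl:
    index: int   # lower index is processed first
    action: str  # "allow" or "deny"
    start: str   # first MAC address in the range
    end: str     # last MAC address in the range

    def matches(self, mac: str) -> bool:
        return mac_to_int(self.start) <= mac_to_int(mac) <= mac_to_int(self.end)

def evaluate(acls, mac: str) -> str:
    """Return 'allow' or 'deny' for one station under first-match semantics."""
    for acl in sorted(acls, key=lambda a: a.index):
        if acl.matches(mac):
            return acl.action  # processing stops at the first matching ACL
    return "allow"             # default behavior: unmatched stations are allowed

def shadowed(acls):
    """Indexes of ACLs whose whole range is covered by one lower-index ACL."""
    ordered = sorted(acls, key=lambda a: a.index)
    return [acl.index for i, acl in enumerate(ordered)
            if any(p.matches(acl.start) and p.matches(acl.end) for p in ordered[:i])]

# Constructed sample ACL sets (MAC ranges are made up for illustration).
ALL = ("00-00-00-00-00-00", "FF-FF-FF-FF-FF-FF")
WHITELIST = [  # strategy 1: allow ACL at a lower index than the deny-all ACL
    MacAcl(10, "allow", "00-1A-2B-00-00-10", "00-1A-2B-00-00-1F"),
    MacAcl(20, "deny", *ALL),
]
MISORDERED = [MacAcl(5, "deny", *ALL), WHITELIST[0]]  # deny-all processed first
COMBINED = [MacAcl(1, "deny", "00-1A-2B-00-00-15", "00-1A-2B-00-00-15")] + WHITELIST

if __name__ == "__main__":
    for name, acls in [("whitelist", WHITELIST), ("misordered", MISORDERED)]:
        print(name, evaluate(acls, "00-1A-2B-00-00-12"), "shadowed:", shadowed(acls))
```

A non-empty result from shadowed means an ACL can never take effect at its current index, which is the failure that occurs when a deny-all ACL is given a lower index than the allow ACLs.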
To configure an ACL, complete these steps:
1. Select Security > MAC Filters.