Meru Technical Note - Configuring RADIUS based MAC Filtering
Configuring RADIUS based MAC Filtering on SD 5.x and Below.
This article applies to all controller running SD version 5.x or below.
Scope
KB ARTICLE TYPE: Configuration
RELATED PRODUCTS: controller
RELATED SOFTWARE VERSIONS: 5.x and below.
KEYWORDS: Radius, MAC filtering, controller
Solution
When RADIUS Server MAC filtering is enabled, station MAC addresses are set up and managed by a remote RADIUS Server. When a new station attempts to join the WLAN, the Controller queries the RADIUS server with the MAC address to determine whether the client is permitted or not.
CONFIGURATION STEPS:
GUI Steps:
Please define a Radius server in the controller GUI > Configuration > Radius > Fill the details and create a Radius server entry.
Navigate to Configuration > MAC Filtering > ACL Environment State > Map the ACL to the radius server entry which was created just now. Please select the name of the Radius server from the “Radius Profile Name”.
Click on the Save button to save the running configuration to the start-up configuration.
CLI Steps :
STEP 1 : The following commands set up a profile for the primary RADIUS server, main-auth, that specify the server’s IP address and secret key. All other default parameters (such as the port number (1812)) are acceptable, and not changed:
meru# configure terminal
meru(config)# radius-profile main-auth
meru(config-radius)# ip-address 10.10.158.104
meru(config-radius)# key secure-secret
meru(config-radius)# end
meru#
STEP 2 : The following command configures and enables the primary RADIUS server named in the profile main-auth:
meru(config)# access-list radius-profile primary main-auth
meru(config)# exit
meru#