How to Configure Local MAC address based Authentication in WM3600 Cluster?

  • 0
  • 1
  • Question
  • Updated 2 years ago
  • Answered

I have a Cluster of 02 WM3600 Controllers with SW version 5.4.

Need to implement MAC address based Local ( On Controller) authentication.

Requirement is for two type of users:

1. Employees

2. Guest


For Employee:

WLAN User should not be asked any password. Only a set of MAC IDs should be allowed to use the SSID. Users with other MAC IDs should not be allowed  (restricted) to access the SSID.


For Guest:

WLAN User has to login a KEY/Password and get access. But SSID other than used for Employees.

Any one can guide on this?

Regards,

Jitendra


Photo of Jitendra Patel

Jitendra Patel

  • 402 Points 250 badge 2x thumb

Posted 2 years ago

  • 0
  • 1
Photo of Jitendra Patel

Jitendra Patel

  • 402 Points 250 badge 2x thumb

Hi Friends,

Can any one guide on this?

Regards,

Jitendra

Photo of Nathiya Munuswamy

Nathiya Munuswamy, Employee

  • 1,706 Points 1k badge 2x thumb
Hi Jitendra,

Please refer the page number 12 from the link below to configure MAC authentication using controller internal radius server. 

https://www.dropbox.com/s/h6nzmruy3f16gdr/SVC%20Tech%20Implementation%20Guide%20WM3000%20Series%20SW...

For Guest,
You will be creating new SSID and select security as "PSK/None' and set the passphrase details.. 


Regards,
Nathiya M
(Edited)
Photo of Jitendra Patel

Jitendra Patel

  • 402 Points 250 badge 2x thumb

Thanks Nathiya,

I will try this and update you.

Regards,

Jitendra

Photo of Jitendra Patel

Jitendra Patel

  • 402 Points 250 badge 2x thumb

Hi Nathiya,

We followed the doc: "Solution Implementation Guide: WM 3000 Series Controller (SW v5.1) Internal RADIUS" .

But it is not working and even the working SSID was also affected and stop working.

Should I share Configuration file?

Please suggest.

Regards,

Jitendra

Photo of Nathiya Munuswamy

Nathiya Munuswamy, Employee

  • 1,706 Points 1k badge 2x thumb
Hi Jitendra,

Yes, please share the config file to check the details. 


Regards,
Nathiya M
Photo of Jitendra Patel

Jitendra Patel

  • 402 Points 250 badge 2x thumb

Hi Nathiya,

Herewith please find the links for configuration files.

OLD/Initial  start-up Config: https://www.dropbox.com/s/jjzt5irc5b0hlag/startup-config-OLD?dl=0

Config after following the document: https://www.dropbox.com/s/g4n4lclldutw0r1/startup-config?dl=0

Please suggest.

Regards,

Jitendra



Photo of Nathiya Munuswamy

Nathiya Munuswamy, Employee

  • 1,706 Points 1k badge 2x thumb
Hi Jitendra,

I see the MAC authentication configuration seems to correct.

wlan TEST 
description MAC based
 ssid test
 vlan 900
 bridging-mode tunnel
 encryption-type none
 authentication-type mac
 use aaa-policy NTPC-AAA\ Policy
!
aaa-policy NTPC-AAA\ Policy authentication server 1 onboard controller
!
radius-group NTPC-Radius-Group
!
radius-user-pool-policy NTPC-User\ pool
 user 88708cd34ebd password 0 88708cd34ebd group NTPC-Radius-Group

Except the production SSID configured in "bridging-mode local" and the MAC authentication SSID configured in "bridging-mode tunnel". 

wlan NTPC-GUEST description NTPC Employee WiFi user 
 ssid NTPC-TRANG
 vlan 900
 bridging-mode local
 encryption-type tkip
 authentication-type none
 wpa-wpa2 psk 0 abcdefghijkl

Could you please confirm, what exactly not working? Does the client able to connect to the SSID?
Or its connecting and not getting IP address?


Regards,
Nathiya M
Photo of Jitendra Patel

Jitendra Patel

  • 402 Points 250 badge 2x thumb

Hi Nathiya,

User/device is neither connecting to the SSID nor getting IP Address.

Regards,

Jitendra


Photo of Jitendra Patel

Jitendra Patel

  • 402 Points 250 badge 2x thumb

and for SSID: NTPC-TRANG it is authenticating..connecting... and again disconnecting... and loop goes on.

Photo of Nathiya Munuswamy

Nathiya Munuswamy, Employee

  • 1,706 Points 1k badge 2x thumb
Hi Jitendra,

Can you please open a TAC case and give me the case #, will work on it further.

https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-contact-Extreme-Networks-Global-Tec... 

Regards,
Nathiya M
Photo of Jitendra Patel

Jitendra Patel

  • 402 Points 250 badge 2x thumb

Hi Nathiya,

Herewith please find GTAC CASE ID: 01190608.

Regards,

Jitendra

(Edited)