Idea: IdentiFi MAC Authentication without RADIUS

  • 1
  • Idea
  • Updated 3 years ago
  • Not Planned
  • (Edited)
MAC Authentication without RADIUS Server/Only with Controller
I was getting these request from couple of customers where in MAC Auth without RADIUS/only with controller. I have tested below config and found out working. I am posting here for more tweaks and suggestions.

Controller : V2110
OS :

 1. Create Role for MAC Authentication with access control option as Default deny.

2. Add rules under the role by clicking ADD button.

3. For both In and Out Filters, allow specified MAC Address

4. Similarly Create individual entries for each allowed MAC Address.

5. Now Role has been created. Create WLAN for MAC auth

6. Let the privacy be none and Authentication as disabled. Create new VNS to map WLAN services and Role.


What to do if you have hundreds of MAC address to be added?

Get all MAC address in and excel sheet and use concatenate functon to create the create command [Syntax given below]. Login to controller through putty and navigate to role and macauth and issue create commands copied from excel sheet. Sample given below

create 1 proto any eth any mac AB:CD:EF:12:34:56/48 in both out both allow priority none tos-dscp none cos none
One Question I have in mind is "How many MAC address can be used to put in a single ruleset?"
Photo of Karthik


  • 450 Points 250 badge 2x thumb

Posted 3 years ago

  • 1
Photo of Doug Hyde

Doug Hyde, Technical Support Manager

  • 19,896 Points 10k badge 2x thumb
Official Response