Extreme Networks

dyarbrough1 · ‎12-11-2018

We are using CWP on a guest network. There are some devices (apple TV, treadmills) that do not have the means to accept policy and authenticate. I need the straightforward procedure to set up mac authorization for these devices.

samantha_lynn · ‎01-21-2019

You'd want to make sure to update your APs with a complete configuration so the supplemental CLI object with the MAC objects gets added to the AP. A delta configuration won't push the supplemental CLIs, and would cause the issue you are experiencing. Are you still having these problems with a complete configuration update?

oliver_eve · ‎01-21-2019

Hey Sam,

I was wondering if you could help with an issue i've got for cwp bypass. I've noticed that when we configure the mac-objects shown above, the cwp bypass works a treat until we have to do any form of update to the aps i.e change guest network psk. Once we do that, the mac objects disappear but the CWP config remains. Any ideas how to make the mac objects permanent as it keeps breaking device access for non cwp capable devices? It's annoying having to reapply the mac objects everytime we make a change.

Cheers

Oli

samantha_lynn · ‎12-11-2018

You would want to use a supplemental CLI to do this. This guide will walk you through how to set up a supplemental CLI: https://thehivecommunity.aerohive.com/s/article/Supplemental-CLI-NG

The first command we'll run will create a new MAC object, so it's just defining the MAC address of the client device we want to have whitelisted. The second command is us adding the MAC object you just mad to a whitelist. The commands we will want to add to the supplemental CLI are:

mac-object <nameofmacobject> mac-range <mac_addr(i.e.1111:2222:3333)> - <mac_addr>

security-object <nameofsecurityobject> security mac-white-list mac-object <nameofmacobject>