This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Identifi: could I blacklist a MAC for a certain SSID or AP?

Identifi: could I blacklist a MAC for a certain SSID or AP?

Ilya_Semenov
Contributor

‎10-13-2017 11:38 AM

Hello, everybody,

I have an ability to blacklist MAC address in Reports>Clients. But doing so I totally block a user for all SSIDs and APs.

Could I block a MAC for a certain SSID/AP?

Many thanks in advance,

Ilya

0 Kudos
6 REPLIES 6

Ronald_Dvorak
Honored Contributor

‎10-13-2017 12:14 PM

Yes if you use external authentication like Extreme Control, just put the MAC to a end-system group that isn't allow and link it with the SSID.

Cheers,
Ron
0 Kudos

Doug
Extreme Employee

‎10-13-2017 11:48 AM

  • If you want to blacklist users on a per WLAN basis you can add the MAC address to the role associated with specific WLAN you want to blacklist them on (keep in mind that the Max Number of Filter Rules per Role is 64).
  • You need to make sure when creating the filter rule in the role for the client to set the 'In filter' and 'out filter' to 'both', and the 'Access Control' to 'Deny'.
  • If you use this method the client will still be able to connect to the SSID but they will not be able to pass any traffic. This may be a viable solution if you only need to blacklist a few clients.
  • If you need to blacklist more clients and need to do so on a per WLAN basis you would need to use some kind of authentication (MAC) and use NAC to blacklist.

Doug Hyde
Director, Technical Support / Extreme Networks
0 Kudos

Craig_Guilmette
Extreme Employee

‎10-13-2017 11:48 AM

Are we speaking Extreme wireless controller or Extreme Wing here?
0 Kudos

Craig_Guilmette
Extreme Employee
In response to Craig_Guilmette

‎10-13-2017 11:48 AM

I wondered why I did not recognize your solution. I am a Extreme IdentiFi ESE and this question was posted under the IdentiFi wireless heading. The below answer from Doug is our only solution as without that a blacklist entry blocks the entire system.

0 Kudos
GTM-P2G8KFN