This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Extreme Networks
- Community List
- Network Management & Authentication
- ExtremeCloud IQ
- How to block a single MAC Address
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
How to block a single MAC Address
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
10-28-2020 02:46 PM
Hi,
I work in a school that has Pre-K all the way through to 12th grade.
We have been experiencing issues, where people will get bumped off the wifi, or they will connect but not get an IP address. Also, the normally green cloud next to the AP, goes red. I jump into the firewall and connection diagnostic, and see a computer that is sending and receiving a massive amount of data.
I believe this may be deliberate, and to test this theory, I want to block their MAC Address within ExtremeIQ, and see if the issue clears up. Can someone tell me how to do that within the ExtremeIQ interface? please?
many thanks in advance, J.
Solved! Go to Solution.
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
11-05-2020 12:43 PM
Hi,
I went another route, as I did not want to risk the devices needing a reboot with that configuration change. So I enabled the Deny Filter within DHCP. From what i have read about DHCP and Windows Server 2012, its best to only Enable the Deny, as people have run into issue with the DHCP Server Service when enabling both Allow Filter and Deny Filter.
If anyone is interested, here is the official Microsoft link:
As i said though, many comments in many other articles said they had Service issues with both enabled, so be careful. The article above doesn't mention any issues enabling both.
I thought it easier to enable the Deny list at the DHCP level, although that adds a hop, as the client would connect to the AP, then try to get an IP address, only to be denied. Hopefully any clients on the Deny Filter do not take up a lot of air time with the Access Point. So far, ive only added a few devices that seem to either be teaming their Ethernet and their WiFi adapters or bridging those connections (they have an IP for Ethernet and an IP for wifi), and i added their wifi MAC address to the Deny Filter, so they can only get on Ethernet.
Thanks,
J
6 REPLIES 6
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
11-05-2020 12:43 PM
Hi,
I went another route, as I did not want to risk the devices needing a reboot with that configuration change. So I enabled the Deny Filter within DHCP. From what i have read about DHCP and Windows Server 2012, its best to only Enable the Deny, as people have run into issue with the DHCP Server Service when enabling both Allow Filter and Deny Filter.
If anyone is interested, here is the official Microsoft link:
As i said though, many comments in many other articles said they had Service issues with both enabled, so be careful. The article above doesn't mention any issues enabling both.
I thought it easier to enable the Deny list at the DHCP level, although that adds a hop, as the client would connect to the AP, then try to get an IP address, only to be denied. Hopefully any clients on the Deny Filter do not take up a lot of air time with the Access Point. So far, ive only added a few devices that seem to either be teaming their Ethernet and their WiFi adapters or bridging those connections (they have an IP for Ethernet and an IP for wifi), and i added their wifi MAC address to the Deny Filter, so they can only get on Ethernet.
Thanks,
J
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
10-28-2020 03:35 PM
I haven’t heard of any issues with MacBook Pro 8’s, but that might be a good topic for a new post, just to see if any other community members are experiencing the same thing.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
10-28-2020 03:31 PM
I disabled DNS (as we do it via DHCP) and pushed that as a delta, and all the AP’s took it. So, im hopeful that it will work with this Mac filter as well.
Its a MacBook Pro 8 that I noted “pegging” our network, 130-190MB’s and I believe that is what is causing the issue I posted about. I believe that is the latest model of MacBook, so its possible Apple has changed how their wifi/antennas work, and it could be just blasting the AP, and trying to get as much data as possible, without regard to other clients on the AP or network. Ill probably have to dig on Apples website. Although the web IP they were trying to hit up with all that traffic belongs to the AKAMAI company. Know of anyone experiencing issue with their wifi due to macbook 8’s?
thanks again, J.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
10-28-2020 03:21 PM
You can certainly try a delta push, it won’t hurt or interrupt anything if it doesn’t go through. You would see an update failure on the AP, but that will go away when you do the complete update at a later time.
