Multiple MAC devices configuration on Netgear GS728TP

pelletie

New Around Here
Hi to all, My very first posting since I'm really stuck with this problem... I have some knowledge
of LAN and switches but this is first time I have to implement MAC access control in a layer 2
switch.

Here's my topology:
- 3 story high concrete building
- EnGenius AP EAP1200 on each floor
- EnGenius AP's configured to have same SSID, same password & fast roaming enabled
- Wi-Fi clients on each floor &, since fast roaming, clients connected on 2nd floor will be able to move
on 3rd floor without reconnecting (fast roaming feature)
- EnGenius AP connected to a Netgear GS728TP layer 2 switch (1st floor on port 1, 2nd floor on port 2
and 3rd floor on port 3)
- Switch port 23 connected to D-Link router

And I want to control access through MAC's since some clients "share passwords" from other clients
without being allowed to connect to the system.

So:

a) option A: configure MAC addresses in each AP's => a lot of work managing same MAC
address on 3 AP's

b) option B: configure MAC addresses in Netgear Switch => centralized management of MAC's

So, let's go with option B but here's the problem: unable to configure MAC addresses in switch
(using web interface) since confusion about rule names, rules ID, sequence number, outbound MAC
address, outbound MAC address filter, mapping rules to ports,... Information provided by Netgear
not very instructive...

Obviously, I will have > 40 clients to configure in switch to control access to the system (internet).

So, any help with a detailed description (not a general description) on how to configure
a MAC entry, in this switch, for each client and bind this client's MAC to ports 1, 2 & 3 would
be appreciated.
 
You need to plan how many levels of hierarchy you need. This is key to your strategy. You need a base level so if someone is not set up they still have base access. As their MACs come online you can promote them to whatever level. Are you going to use VLANs for different departments? There is no structure in your request other than MAC control.

I would do this at the IP level, not MAC. You can assign a MAC to a unique IP address. You can assign a DHCP scope or server for a department to one VLAN if you want. How are you planning to do this with MACs?
 
Hi coxhaus,

First, thanks for your reply.

Now, I've previously set up VLANs on the switch but managed to mess it up so actual clients would not be connected anymore. And, also, if I'm able to implement access control through MACs (on the switch) without using VLANs, great. But if using VLANs would simplify set up and management, I'll set up VLANs to implement MAC access control for every single unit connected on the system.

Secondly, clients on 2nd floor, 3rd floor,... will be connected to their local AP which will provide dynamic IP addresses (DHCP) to connected devices. Therefore, I can't use IPs to control access (at the switch level) since device's IP addresses are dynamic and known only by their connected AP (each AP and its connected devices are actually a subnet connected to the switch). So this is why I have to default on using MACs to enable/disable client's devices.

Thirdly, as far as strategy is concerned, if a client's device MAC is configured in the switch, he/she will have access to internet. Otherwise, no access at all.

Lastly, I forgot to mention that AP's on each floor connected to the switch have a static IP address so, for maintenance purpose, I'm able to connect to each AP knowing what their IP addresses are. But, as mentioned, devices connected to these AP's have a dynamic IP address which is provided by their local AP on each floor. So, at the switch level, I have to enable/disable any device connected on the network (whether it's connected to the AP on the 2nd floor or 3rd floor or...) by configuring their MAC in the switch itself and not their IP.

Another detail: as far as a step by step configuration would be appreciated to program MAC's through the switch's web interface, I could also program the switch through telnet if detailed instructions on programming the switch are supplied.

Hope all of this will provide enough details to reach a solution on this configuration problem.
 
