On an SEC-AP setup, the MAC address put into the ACL of the AP applies to
SEC client itself as well as the MACs behind the SEC. So in order to allow
all the SEC and the MACs behind the SEC, one will have to add all those MACs
into the ACL, or simply do not put any entry into the ACL and bridge
everything ( which voids the purpose of using ACL).
Because of this type of valued customer feedback, v4.45 users will be able
to permit/deny each entry in the ACl list
separately. Also they will be able to specify whether to permit or deny the
non-listed entries. This way they will have full control. Attached is the
screen shot with the new screen. THIS BIN FILE IS IN OUR LAB, release date
has not been set. The bin file verification takes about 2-3 weeks if all
goes well.
Reg Mallory
-----Original Message-----
From: karlnet-bounces@WISPNotes.com
[mailto:karlnet-bounces@WISPNotes.com]On Behalf Of Scott
Sent: Thursday, February 26, 2004 9:14 AM
To: karlnet@WISPNotes.com
Subject: [Karlnet] mac table and access blocking
I am curious-
If you have Access Control setup on an AP interface, with only
certain mac
addresses allowed, which does it actually allow? For instance, I have
numerous super EC units talking to an AP with mac authentication instilled,
and in it's current setup all mac addresses are bridged in our network,
including the ones beyond the "range" of the RG super ec units. This means
mac addresses translate across the network even though they don't list in
the AP list of the satellite. Do I really have to go through and enter
every mac address beyond the satellite, or just the ones listed in the AP
list?
It is important I get an answer, and since I have had no luck with Karlnet,
(see previous questions), I am up that grand proverbial creek as always.
And I will ask again,.. KARLENT why is there no mac list that allows
everyone EXCEPT mac address X? This would be really nice, seeing as how if
you get someone spamming your tower with packets, and this equipment dies
quickly when that happens, it would be nice to be able to fix the problem by
just entering one mac address instead of 30. Even worse if the tower is a
transient user spot, than it is useless with the current software setup.
Getting tired of this.
_______________________________________________
Karlnet mailing list
Karlnet@WISPNotes.com
http://lists.wispnotes.com/mailman/listinfo/karlnet
_______________________________________________
Karlnet mailing list
Karlnet@WISPNotes.com
http://lists.wispnotes.com/mailman/listinfo/karlnet
|