Menu
What's new
By:
Filters Better Search

Multiple MAC devices configuration on Netgear GS728TP

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

P

pelletie

New Around Here
Hi to all, My very first posting since I'm really stuck with this problem... I have some knowledge
of LAN and switches but this is first time I have to implement MAC access control in a layer 2
switch.

Here's my topology:
- 3 story high concrete building
- Engenius AP EAP1200 on each floor
- EnGenius AP's configured to have same SSID, same password & fast roaming enabled
- Wi-Fi clients on each floor &, since fast roaming, clients connected on 2nd floor will be able to move
on 3rd floor without reconnecting (fast roaming feature)
- EnGenius AP connected to a Netgear GS728TP layer 2 switch (1st floor on port 1, 2nd floor on port 2
and 3rd floor on port 3)
- Switch port 23 connected to D-Link router

And I want to control access through MAC's since some clients "sharepasswords" from other clients
without being allowed to connect to the system.

So:

a) option A: configure MAC addresses in each AP's => a lot of work managing same MAC
address on 3 AP's

b) option B: configure MAC addresses in Netgear Switch => centralized management of MAC's

So, let's go with option B but here's the problem: unable to configure MAC addresses in switch
(using web interface) since confusion about rule names, rules ID, sequence number, outbound MAC
address, outbound MAC address filter, mapping rules to ports,... Information provided by Netgear
not very instructive...

Obviously, I will have > 40 clients to configure in switch to control access to the system (internet).

So, any help with a detailed description (not a general description) on how to configure
a MAC entry, in this switch, for each client and bind this client's MAC to ports 1, 2 &3 would
be appreciated.
 
You need to plan how many levels of hierarchy you need? This is key to your strategy. You need a base level so if someone is not setup they still have base access. As their MACs come online you can promote them to what ever level. Are you going to use VLANs for different departments? There is no structure in your request other than MAC control.

I would do this at the IP level not MAC. You can assign a MAC to a unique IP address. You can assign a DHCP scope or server to a department to one VLAN if you want. How are you planning to this with MACs.
 
Hi coxhaus,

First, thanks for your reply.

Now, I've previously set up VLANs on the switch but managed to mess it up so actual clients would not be connected anymore. And, also, if I'm able to implement access control through MACs (on teh switch) without using VLANs, great. But if using VLANs would simplify set up and management, I'll set up VLANs to implement MAC access control for every single unit connected on the system.

Secondly, clients on 2nd floor, 3rd floor,... will be connected to their local AP which will provide dynamic IP addresses (DHCP) to connected devices. Therefore, I can't use IPs to control access (at the switch level) since device's IP addresses are dynamic and known only by their connected AP (each AP and it's connected devices are actually a subnet connected to the switch). So this is why I have to default on using MACs to enable/disable client's devices.

Thirdly, as far as strategy is concerned, if a client's device MAC is configured in the switch, he/she will have access to internet. Otherwise, no access at all.

Lastly, I forgot to mention that AP's on each floor connected to the switch have a static IP address so, for maintenance purpose, I'm able to connect to each AP knowing what their IP addresses are. But, as mentioned, devices connected to these AP's have a dynamic IP address which is provided by their local AP on each floor. So, at the switch level, I have to enable/disable any device connected on the network (whether it's connected to the AP on the 2nd floor or 3rd floor or...) by configuring their MAC in the switch itself and not their IP.

Another detail: as far as a step by step configuration would be appreciated to program MAC's through the switch's web interface, I could also program the switch through telnet if detailed instructions on programming the switch are supplied.

Hope all of this will provide enough details to reach a solution on this configuration problem.
 
You must log in or register to reply here.

Similar threads

T
wifi for a two-floor house, ethernet backhaul
Replies
1
Views
360
tgl
T
M
ASUS XT8 w/ 2.5G multigig switch +XT8 nodes not working (need help)
Replies
3
Views
511
Tech9
Tech9
I
General question re. wifi devices disconnecting and reconnecting
Replies
13
Views
1K
degrub
D
pippo_105
I cannot setup Wireguard on my AX6000
Replies
6
Views
524
pippo_105
pippo_105
S
Please explain multiple APs, mesh, roaming, handoff, and broadcast frequencies
Replies
9
Views
1K
sfx2000
sfx2000
Similar threads
Thread starter Title Forum Replies Date
G Multiple tries needed to open windows share Other LAN and WAN 0
S Trying to diagnose why Google Pixel Devices won't update on network? Other LAN and WAN 4

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 744 (members: 25, guests: 719)
Top