one centralized MAC address database for wireless network

Associate
Joined
8 Mar 2007
Posts
2,176
Location
between here and there
hey all,


I have 5 AP's in my office and do MAC address filtering on our wireless network. I'm sick to the back teeth of having to access each one and enter a MAC address when a new laptop comes in.

Hoe can I have a centralized database of allowed MAC addresses that each AP can query??

I've been reading up on radius servers but tbh, it's not making much sense. I don't really want to go down the whole create certificates and hand them out route. I like the way it is at the mo, I just need it to be more manageable.

Oh, running windows 2003 DC's with mainly XP and win7 clients. Netgear AP's (wg102's, wg103's and a few others)

Any suggestions guys??

Cheers :)
 
the AP's do have the option to link to a radius server.

I'm playing about with 2003's IAS at the mo, but have noticed that the service keeps stopping so I've had to modify the reg to mark the IAS ports as reversed.

I'll have to wait till later tonight to reboot the boxes and see if that helps.
 
Just forget it, MAC address security is pointless in the extreme, it's too easy to sniff addresses and easy to spoof them. Wireless security done right is either a captive portal or a basic WPA key, then that gets you basic internet access, if you want access to internal systems you use a VPN over that.

Ok, but this is for a office internal network. The bosses that be have set the company policy for wireless networks to be MAC address filtered. :(

Is there an easier way other than IAS/AD security groups or a wireless controller?
 
All good points.

Yes it's a fairly large (but awkwardly shaped building) and yes the wireless connections are for people with laptops that are moving about the building who need full access to your network. I have already put cables in all the meeting rooms and other places where's there are likely to be used however some places it's just not possisble.

And Yes, we do also use WPA 2 (TKIP) encryption.

I'm currently just playing with the IAS and AD groups to check MAC addesses. I'm not in charge of IT here and have already made my bosses aware of MAC address spoofing. However, this is thier party so to speak and I just do what I is told. :)

Has anyone got experince with IAS and MAC address filtering. I can't seem to get it to work.
 
Back
Top Bottom