Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SBR 6.1 How to control access based on MAC

dmeyers_
Not applicable
‎08-19-2011 12:01:PM
‎08-19-2011 12:01:PM

SBR 6.1 How to control access based on MAC

We are using SBR 6/1 and currently using EAP-PEAP with a certificate. I'm trying to lock down access even further by doing one of two things:

1) Limit access to only the enterprise's brands MAC address. I think Ican do this in a profile with a Check List, but am not sure what parameters I would need to add. And can I even specify that clients must meet the requirement of the first part of a MAC? 0011:ffff:* for example.

2) Can I make it where the radius certificate has to be preloaded on the machine, so clients connecting with mobile phones dont get a prompt to download the certificate?

0 Kudos
1 REPLY 1
CraigB_
Frequent Contributor
‎08-24-2011 10:28:AM
‎08-24-2011 10:28:AM

Re: SBR 6.1 How to control access based on MAC

Hello, yes, you can limit the allowed user based on MAC address. The radius attribute of 'calling-station-id'.

However, since you are using EAP-PEAP, you will need to create a request filter to move the 'calling-station-id' inside of the PEAP tunnel. If you do not do this, you will not be able to filter the MAC address. You have to ALLOW the 'calling-station-id' attribute as part of the filter.

Hope that helps

Craig

0 Kudos
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.