Mac address filtering 2017


  • M
    Custom Avatar

    I have just installed a 12 AP indoor wireless solution from another manufacturer that does not perform mac address filtering and the client is insisting (post install) that the solution be able to perform this function.

    I am prepared to install an alternate solution if necessary and am semi familiar with Ubiquiti. Does the current UniFi product line have this funtionality? I have searched the archives for posts related to Mac addy filtering and they are all a couple of years old so I thought it would be best to check again.

    Thanks in advance for your help.

    Marcus


  • Beta Testers

    Not that I am aware of.


  • Beta Testers

    But you do have the functionality to block devices


  • Beta Testers

    (Which probably uses mac address) but you can not make a list of allowed mac address's for connecting.


  • H
    Beta Testers

    There where a lot of feature requests for it and it should be coming soon in controller 5.5.x.

    Although personally I don't see why people keep asking for a "security feature" that's just not secure anymore.

    See this thread: https://community.ubnt.com/t5/UniFi-Feature-Requests/Per-SSID-MAC-Filtering/idc-p/1838416#M8888


  • L
    Beta Testers

    if by "perform mac address filtering" you mean create a whitelist of mac address allowed to connect, then the answer remains NO and i really believe it will always be NO. This kind of feature is clearly made for SOHO setups, and while UniFi can be used on SOHO setups, it's commonly used in larger (sometimes HUGE) setups. While there's no problem at all on using UniFi for smaller setups (sometimes 1 single UAP), some features exclusively for these small setups may lack and may never be present on UniFi.

    You can, of course, block devices (mac addresses), but cannot create whitelists. For blocking a device through the WebUI, you'll need to have connected to the network at least once. Using API calls, you can block a never-connected device.


  • P
    Beta Testers

    If you must have this, you could use WPA Enterprise authentication and then have a radius server that binds logins to mac addresses.


  • Beta Testers

    I have developed several solutions which basically offer mac-based whitelisting, and the ability to block mac addresses whenever this becomes necessary. One particular application of this is a self-service portal where end-users can manage their "budget" for a number of devices with access to the wlan.

    This works nicely with the guest policies in the UniFi controller, and integrates by means of the API.


  • B
    Beta Testers

    You could do something else that would accomplish this if you are using a different VLAN for Wireless Devices and use a Windows or Linux DHCP server.


Posts 9Views 11
Log in to reply

Looks like your connection to Ubiquiti Networks Community was lost, please wait while we try to reconnect.