M and MSM Series
cancel
Showing results for 
Search instead for 
Did you mean: 

Restrict VSC Access on MSM760

 
Highlighted
Chris-55
Occasional Visitor

Restrict VSC Access on MSM760

Hi All,

 

I am in the process of configuring our new MSM760 controller. We have set up local users on the controller and set the username and password of these users as the MAC address of various laptops that we have in our company. We have a corporate VSC that is only to be accessed by our company laptops and we are using MAC-based authentication which queries the local users on the controller to grant access to the VSC. We are also using WPA2 with a Pre-Shared Key for this VSC. We are using the controller for authentication but now for Access Control on this VSC.

 

We have another VSC configured for guest access and this Network goes to a BT Business Hub which is connected to a separate ADSL connection which allows web access for visitors/external contractors etc. The controller is used for authentication on this VSC but not for Access Control (the same as the other VSC). This is just protected by a WPA2 Pre-Shared Key which we change on a monthly basis.

 

I am trying to set it so that our company laptops are not able to access the guest VSC and are only able to access the corporate VSC. The reason for this is that there is no web filtering or anything like that set up on the Guest VSC. To do this we have gone in to the local user settings on the controller and set the “VSC Usage” option so that the local user is restricted to use the corporate VSC only but the laptops are still able to access the guest VSC. Is there something that I am missing? I hope this all makes sense!

 

Controller Software Version: 5.7.0.2-01-10750

Controller Hardware Revision: B:48

 

Thanks in Advance,

3 REPLIES 3
Highlighted
Arimo
Respected Contributor

Re: Restrict VSC Access on MSM760

Hi Chris

 

If you have a small network you can use the Wireless MAC filter on the VSC. Put all the laptops of the employees in there, and block access to that VSC. The downside is that you can only configure 64 MAC addresses / VSC.

 

Besides that I don't really see any other option but using an external RADIUS. Maybe you can configure the RADIUS server in a way that the employee laptops aren't allowed access, but everything else is. Don't know, haven't tried it that way...


HTH,

Arimo
HPE Networking Engineer
Highlighted
ISoliman
Super Advisor

Re: Restrict VSC Access on MSM760

If you have the laptops joined to the Domain you can apply A GPO denying Access to the Guest SSID and hides it as well from the companie's laptops.

Or as mentioned by Arimo blacklist their MACs :)
Highlighted
andy210000
Occasional Visitor

Re: Restrict VSC Access on MSM760

Hi

 

sorry to hijack the thread, but im trying to get our network to the same confiugration as it seems you have done

 

i.e

 

we have our corporate lan on one VSC and guest access on another VSC which is connected to a Standard BT adsl line, but for some reason i cannot get this to work is it possible you could guide me through the configuration that you did?

 

not looking to restrict corporate laptops on the guest at this stage just looking to have to wireless VSC one for corporate and one for guests