HPE Community
IMC
1835819 Members
3325 Online
110085 Solutions
New Discussion

Re: blocking mac range for BYOD

 
darkingdk
New Member

‎08-04-2016 12:27 PM

‎08-04-2016 12:27 PM

blocking mac range for BYOD

Hi.

We are using a 850 AC controller with IMC, to have a byod platform.

since our network is fairly spread out, ive unfortunately gotten myself some.. unwanted users, and they seem to be using a virtual machine or something in that order to access a specific accesspoint.

Is there a way to block a certain range of MAC addresses in the UAM/ IMC? f.x 02:00:00:00:00:00-02:FF:FF:FF:FF:FF

ive tried to look at the available information in the UI about the client, and it seems to be a windows 10 machine.

The MAC changes regularly as the user tries to evade my blocks, so i assume he is either running in a vm, or has the ability to alter/spoof the mac of his equipment.

0 Kudos
1 REPLY 1
NeilR
Esteemed Contributor

‎08-04-2016 06:09 PM

‎08-04-2016 06:09 PM

Re: blocking mac range for BYOD

At first I looked at creating an Access scenario using the endpoint groups, but unlike IPs you can't specify a range of MACs, only individual ones. You could import a list, but all macs in a range is too many

However you might look at the mute terminal user Configuration profile under Access user - you can configure a range of MAC's there to automatically register and assign to a service - where it can then deny any access or dump them on a dead end vlan or something. It does have a deny filter option, so that might also be even simpler.

Depends on how the BYOD setup you've deployed might work with the mute terminal registration.

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.