Mac Authentication - Motorola WiNG 5.6 Reference Manual

6.1.2.2 MAC Authentication

Configuring WLAN Security
MAC is a device-level authentication method used to augment other security schemes. MAC can be used open, with WEP 64
or WEP 128, KeyGuard, TKIP or CCMP.
MAC authentication enables device-level authentication by permitting WLAN access based on device MAC address. MAC
authentication is typically used to augment WLAN security options that do not use authentication (such as static WEP,
WPA-PSK and WPA2-PSK). MAC authentication can also be used to assign VLAN memberships, Firewall policies and time and
date access restrictions.
MAC authentication can only identify devices, not users. MAC authentication only references a client's wireless interface card
MAC address when authenticating the device, it does not distinguish the device's user credentials. MAC authentication is
somewhat poor as a standalone data protection technique, as MAC addresses can be easily spoofed by hackers who can mimic
a trusted device within the network.
MAC authentication is enabled per WLAN, augmented with the use of a RADIUS server to authenticate each device. A device's
MAC address can be authenticated against an access point's local RADIUS server (if supported) or centrally (from a datacenter).
For RADIUS server compatibility, the format of the MAC address can be forwarded to the RADIUS server in non-delimited and
or delimited formats:
To configure MAC authentication on a WLAN:
1. Select the Configuration
2. Select Wireless.
3. Select Wireless LANs
4. Select the Add
5. Select Security.
6. Select MAC as the Authentication Type.
Selecting MAC enables the radio buttons for the Open, WEP 64, WEP 128, WPA/WPA2-TKIP, WPA2-CCMP and Keyguard
encryption options as additional measures for the WLAN.
7. Either select an existing AAA Policy from the drop-down menu or select the
parameter to display a screen where new AAA policies can be created. A default AAA policy is also available if configuring
a WLAN for the first time and there's no existing policies. Select the
AAA policy.
Authentication, Authorization, and Accounting (AAA) is a framework for intelligently controlling access to the wireless
client managed network, enforcing user authorization policies and auditing and tracking usage. These combined processes
are central for securing wireless client resources and wireless network data flows. For information on defining a new AAA
policy, see AAA Policy on page
8. Select the Reauthentication
the number of minutes (from 30 - 86,400) that, once exceeded, forces the EAP supported client to reauthenticate.
9. Select OK when completed to update the WLAN's MAC configuration. Select
saved configuration.
tab from the Web UI.
to display a high level display of existing WLANs.
button to create an additional WLAN, or select an existing WLAN and
7-15.
radio button to force MAC supported clients to reauthenticate. Use the spinner control set
Wireless Configuration 6 - 11
Edit to modify its security properties.
Create icon to the right of the AAA Policy
Edit icon to modify the configuration of a selected
Reset to revert the screen back to the last