WifiWave2 white list...
Good day! Tell me how to create a white list now and most importantly how to prohibit access to the network via WI-FI to those who are prohibited from doing so.? It was logically and understandably organized in the old CAPsMAN...
-
-
JohnTRIVOLTA
Member
- Posts: 345
- Joined:
- Location: BG/Sofia
Re: WifiWave2 white list...
Likewise, you have an access list where you add who should be accepted and finally reject all!Good day! Tell me how to create a white list now and most importantly how to prohibit access to the network via WI-FI to those who are prohibited from doing so.? It was logically and understandably organized in the old CAPsMAN...
Re: WifiWave2 white list...
It is clear that you need to add all the necessary ones to the Access list, but in the end you need a forbidding entry that says enables blocking by mac address?
-
-
JohnTRIVOLTA
Member
- Posts: 345
- Joined:
- Location: BG/Sofia
Re: WifiWave2 white list...
Just add last rule with only reject action - this is enough !It is clear that you need to add all the necessary ones to the Access list, but in the end you need a forbidding entry that says enables blocking by mac address?
Re: WifiWave2 white list...
If you add this rule, then everything is blocked.
-
-
JohnTRIVOLTA
Member
- Posts: 345
- Joined:
- Location: BG/Sofia
Re: WifiWave2 white list...
It works for me. Try to choose the interface?If you add this rule, then everything is blocked.
Re: WifiWave2 white list...
I disable the rule, connect the phone, add it via "add to Access List".Everything works. If you enable the rule, the router does not allow the phone to connect to the network, despite the fact that the mac address is in the allowed list.
-
-
JohnTRIVOLTA
Member
- Posts: 345
- Joined:
- Location: BG/Sofia
Re: WifiWave2 white list...
It works for me, but not with capsman, only in the wifi access list in the router itself.I disable the rule, connect the phone, add it via "add to Access List".Everything works. If you enable the rule, the router does not allow the phone to connect to the network, despite the fact that the mac address is in the allowed list.
Re: WifiWave2 white list...
Part of the export of settings related to WIFI accessadd bridge=bridge1 interface=ether1 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether3 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether4 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether5 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=wifi1 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=wifi2 internal-path-cost=10 path-cost=10
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface detect-internet
set detect-interface-list=WAN
/interface list member
add interface=bridge1 list=LAN
add interface=ether2 list=WAN
/interface wifi access-list
add action=reject comment=" Blocking WIFI 5Ghz" disabled=no interface=any
add action=reject comment="Blocking WIFI 2Ghz" disabled=no interface=any
add action=accept comment="Honor Magic 4Pro" disabled=no interface=any mac-address=D2:E0:35:42:5C:31
/interface wifi cap
set discovery-interfaces=bridge1 enabled=yes
/interface wifi capsman
set ca-certificate=auto certificate=auto enabled=yes interfaces=bridge1 package-path="" require-peer-certificate=no upgrade-policy=\
suggest-same-version
/interface wifi provisioning
add action=create-enabled disabled=no master-configuration=cfg1 name-format=cap supported-bands=5ghz-ax
add action=create-enabled disabled=no master-configuration=cfg2 name-format=cap supported-bands=2ghz-ax
Re: WifiWave2 white list...
Based on how wifiwave2 is written, so the capsman is also stripped down, which can only connect the controller to the access point and transfer settings to it.
Re: WifiWave2 white list...
As with firewall rules, ACL rules are also evaluated from top to bottom. So move your accept rules above all reject rules and you'll be golden./interface wifi access-list
add action=reject comment=" Blocking WIFI 5Ghz" disabled=no interface=any
add action=reject comment="Blocking WIFI 2Ghz" disabled=no interface=any
add action=accept comment="Honor Magic 4Pro" disabled=no interface=any mac-address=D2:E0:35:42:5C:31
Re: WifiWave2 white list...
I checked it out. It makes no difference where the forbidding rule is...
Re: WifiWave2 white list...
After you change ACL rule order, it may be necessary to restart the router (to flush any cached client status). And force wireless station to try to re-connect ... wireless devices tend to remember if they were kicked off some AP not to bother AP again. Only forcing them to re-try will clear the cached information.
But anyway, order of ACL rules definitely matters.
But anyway, order of ACL rules definitely matters.
Re: WifiWave2 white list...
I checked it out..nothing has changed. If it doesn't bother you, take off a screenshot of your settings. The feeling that something is missing somewhere...
Re: WifiWave2 white list...
I currently don't have ACLs targeting particular station MAC addresses, so no screenshot from me.
Re: WifiWave2 white list...
I see. It seems that all this will work after a certain number of updates...Thanks anyway.
Re: WifiWave2 white list... [SOLVED]
The problem was solved by updating the firmware to version 7.14 beta 3. Access control works more or less well. Thank you all
Who is online
Users browsing this forum: maigonis and 13 guests