[AP Controller]Setting Up MAC Authentication on Wireless Network
Zyxel_Kay
Posts: 1,280 
Zyxel Employee
Zyxel Employee
This example demonstrates how to configure MAC authentication, allowing wireless clients to authenticate using their MAC addresses instead of usernames and passwords.
In a classroom setting, teachers' devices are pre-registered and trusted on the controller. These devices can bypass standard authentication protocols and are treated as MAC user roles.
In this topology:
- The NXC acts as the authentication server, storing the devices' MAC addresses.
- The USG gateway functions as the DHCP server.
Note:
All IP addresses and subnet masks mentioned in this example are placeholders. Replace them with your actual network details. This configuration was tested on:
- USG20v2 (Firmware Version: V4.15)
- NXC2500 (Firmware Version: 5.30)
- GS2210-8HP (Firmware Version: V4.30)
6.1.1 Configure AP Profile
- Navigate to CONFIGURATION > Object > AP Profile > SSID > Security.
- Click Add to create a new security profile.
- Set the option you prefer for security mode and enable MAC Authentication. In this example, I set the security mode as None.
- Go to CONFIGURATION > Object > AP Profile > SSID > SSID List.
- Create an SSID profile and assign the previously created security profile.
- Create an SSID profile and assign the previously created security profile.
6.1.2 Configure User/Group Profile
- Go to CONFIGURATION > Object > User/Group > MAC Address.
- Select MAC Authentication.
- Add the teachers' MAC addresses to the NXC local server.
6.1.3 Configure Authentication Method Setting
- Go to CONFIGURATION > Object > Auth. Method.
- Click Add to create a new authentication method.
- Enter a Name and select Local from the Method List.
6.1.4 Configure AP Group Profile
- Navigate to CONFIGURATION > Wireless > AP Management > AP Group > Group Summary > Radio Setting.
- Set the SSID profile to the AP radio.
- Set the SSID profile to the AP radio.
6.1.5 Test the Configuration
- Use a trusted teacher's device to connect to the SSID: MAC_auth.
- Verify that the device successfully passes MAC authentication and gains Internet access.
- Verify that the device successfully passes MAC authentication and gains Internet access.
- Go to MONITOR > Wireless > Station Info.
- Check the station information on the NXC.
- Check the station information on the NXC.
- Navigate to MONITOR > System Status > Login Users > Login Users.
- Verify that the teacher's device appears in the list of logged-in users.
- Verify that the teacher's device appears in the list of logged-in users.
This completes the MAC authentication setup for trusted wireless devices in a classroom environment.
Kay
0
Categories
- All Categories
- 419 Beta Program
- 2.6K Nebula
- 163 Nebula Ideas
- 112 Nebula Status and Incidents
- 5.9K Security
- 341 USG FLEX H Series
- 288 Security Ideas
- 1.5K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 42 Wireless Ideas
- 6.6K Consumer Product
- 260 Service & License
- 403 News and Release
- 86 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.8K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 82 Security Highlight