Microsoft
Software
Hardware
Network
Question : How to block PIX 501 access by MAC address?
Topic says it all. How would I be able to configure a PIX 501 to allow only pre-approved devices to connect? Can I do this by MAC/hardware addresses? Basically, I don't want just anyone plugging into the 501 for a free ride...
Answer : How to block PIX 501 access by MAC address?
not sue what you mean in your comment above. i tested it and it works for me. give a valid mac address in the mac list command. not a bogus one. use aaa-server local and user username command to set a username and password. dont copy my username command since the password is encrypted.
just type username user password password
now connect from the machine that is permitted.
it should be allowed through without authentication
now connect from any other machine
this should be prompted for username and password
if you dont give the username and password, he will not be able to go through
you said that you supplied a bogus mac address... so the bogus mac address would be allowed. you said you connected from the machine with was not in the permit list.. so it got prompted for username and password. this is correct behavior. you want to allow users by mac address. just put in the allowed users in the mac-list. they will not require username and password. all other users will require it.. if you choose a strong username and password, they will not know it and wont get through.
Random Solutions
Watchguard X5 Router & Bellsouth DSL-on, off, on, off.....
FTP Batch FIle Needed
pix to pix vpn question
IP ROUTE Command
Restore failing on a NW 5.1 SP5 server using Brightstor Arcserve v. 9
route-map nonat permit ???
Parameters not being passed to stored procedure using vb.net
Two Cisco 1200 APs - Trying to setup roaming configuration
White vs Grey Route
Slow transfer speeds on Gigabit LAN