Menu

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Sign In Register

PEAP and MAC authentication

djhurt1djhurt1 Enthusiast ✭✭
in High End Firewalls

I've setup a RADIUS/NPS server for PEAP-MSchapv2 authentication. I see on our virtual access points, also have MAC filtering possible. Has anyone implemented both of these solutions successfully? I can't see a reason it won't work. I don't have a test environment unfortunately.


Also it has note stating: "ACL support per Virtual Access Point is supported by SonicPoint-N/AC

and SonicWave. If one Virtual Access Point is used by SonicPoint, global ACL

configuration will be applied by default." What does this mean and I don't see a global ACL anywhere.

Category: High End Firewalls
Reply

Best Answer

Answers

  • SaravananSaravanan Moderator

    Hi @DJHURT1,

    Thank you for visiting SonicWall Community.

    Global ACL can be found on the Provisioning Profiles page under MANAGE | Access Points | Base Settings | SonicWave Provisioning Profiles tab.

    VAP ACL can be found on the Virtual Access Points section under MANAGE | Access Points | Virtual Access Point.

    Hope this clarifies.

    Regards

    Saravanan V

    Technical Support Advisor - Premier Services

    Professional Services

  • djhurt1djhurt1 Enthusiast ✭✭
    edited November 2020

    I see several profiles at  MANAGE Access Points | Base Settings | SonicWave Provisioning Profiles tab. I guess I'm confused seeing how settings would need applied to each profile rather than one "global" setting.

  • SaravananSaravanan Moderator

    @DJHURT1 - Each profile over there points to various Sonicpoint/SonicWave models. Please disturb the one that is relevant to your access point model.

    Sonicpoint.JPG

    Regards

    Saravanan V

    Technical Support Advisor - Premier Services

    Professional Services

  • djhurt1djhurt1 Enthusiast ✭✭

    Do you see any reason we couldn't enable MAC filtering while doing PEAP? I don't have a way to test unfortunately but I suspect simply enabling MAC filtering on the VAP, I can still enable WPA2-EAP correct?

  • djhurt1djhurt1 Enthusiast ✭✭

    No error. I haven't attemtped it yet. Since we just have the production unit, no testing unit, I wanted to confirm this would work while putting the plan together.

  • SaravananSaravanan Moderator

    @DJHURT1 - This should work.

    Regards

    Saravanan V

    Technical Support Advisor - Premier Services

    Professional Services

  • djhurt1djhurt1 Enthusiast ✭✭

    I just found this reading through the connectivity guide:


    IMPORTANT: You cannot enable the Remote MAC address access control option at the same time that the

    IEEE 802.11i EAP is enabled. If you try to enable the Remote MAC address access control option at the

    same time that the IEEE 802.11i EAP is enabled, this error message displays:

    Remote MAC address access control can not be set

    when IEEE 802.11i EAP is enabled.


    I'm taking this as MAC ACL and PEAP cannot in fact be used together on SonicOS?

Sign In or Register to comment.