I'm currently searching how to block mac address.
Some people connect their smartphone to our network. Unfortunately, we don't have enough IP from the DHCP for all smartphone. So I would like to know how can I do it !
thank you in advance !
To block a specific mac-address or addresses you can use a mac filter, create a list of mac objects you want to block and then assign this to a mac filter, then assign this mac filter to your SSID's.
To block smartphones I would utilise the client classification functionality within the user profile and drop Android, iOS, Symbian and Windows Phone clients.
To create a user profile that will drop all smartphone users do the following:
1. Create a schedule (Configuration -> Advanced Configuration -> Schedules) that has a time/date range that can never be met. In the example below I have used Midnight to one minute past Midnight on New Years Day 2010.
2. Create a user profile (Configuration -> User Profiles) that you can assign the newly created schedule to. I have also created a VLAN object that points to a non-existent VLAN and assigned it to the user profile. You will notice that under the "User Profile Availability Schedules" section the "Deny Action for Schedule" is set to "No Association". This means that any wireless client matched to this user profile outside the date/time range specified in the previously created schedule will not be able to associate.
3. Lastly, in your normal user profile add the following client classification rules. These rules will move any Windows Phone, iPod/iPhone/iPad, Android, Symbian or BlackBerry clients into the "Deauth_Client" user profile, where they will not be able to associate.
Hopefully that helps.