9-1
v1.0, June 2007
Chapter 9
Configuring MAC-Based Authentication
This chapter describes how to configure media access control (MAC) based authentication on the
WFS709TP ProSafe Smart Wireless Switch using the browser interface.
Use MAC-based authentication to authenticate devices based on their physical MAC address.
While not the most secure and scalable method, MAC-based authentication implicitly provides an
additional layer of security to authentication devices. MAC-based authentication is often used to
authenticate and allow network access through certain devices while denying access to the rest.
For example, if users are allowed access to the network via station A, then one method of
authenticating station A is MAC-based. Users may be required to authenticate themselves using
other methods depending on the network privileges required.
MAC-based authentication can also be used to authenticate W-Fi phones as an additional layer of
security to prevent other devices from accessing the voice network using what is normally an
insecure SSID.
This chapter contains the following topics:
• “Configuring the WFS709TP” on page 9-1
• “Configuring Users” on page 9-2
Configuring the WFS709TP
Before configuring MAC-based authentication on the WFS709TP, you must first configure the
authentication server that the WFS709TP uses to validate the users. The internal database can be
used to configure the users for MAC-based authentication. See “Configuring Users” on page 9-2
for information on configuring the users on the local database. For information on configuring
AAA servers, see Chapter 6, “Configuring AAA Servers”.
To enable MAC-based authentication on the WFS709TP:
1. Navigate to the Configuration > Advanced > Security > Authentication Methods > MAC
Address page (Figure 9-1).