AirPort Blacklist

Discussion in 'Mac Accessories' started by iMacZealot, Jul 6, 2008.

  1. iMacZealot macrumors 68020

    Joined:
    Mar 11, 2005
    #1
    I've played around with MAC address access control, and that system only allows the MAC addresses that I specify are allowed. Is there an inverse--- a list of MAC addresses that aren't allowed?

    Thanks.
     
  2. ColinM macrumors member

    Joined:
    Jan 25, 2008
    Location:
    Pennsylvania
    #2
    I for one am not entirely sure on the matter, but I believe the answer is no. If you want to restrict your network more, add a password for security. My Aiport is set up the same way, with only specific Mac Addresses allowed, though we've never had to block particular ones.
     
  3. iMacZealot thread starter macrumors 68020

    Joined:
    Mar 11, 2005
    #3
    I'm not so concerned about security since no signal reaches the neighbors' houses, but rather speed and range. I want certain devices to communicate only with a designated network, and the ability to divert a device off one network and onto another in case it is slowing a network down.
     
  4. Arran macrumors 68040

    Arran

    Joined:
    Mar 7, 2008
    Location:
    Atlanta, USA
    #4
    Add the MAC you want to reject to the "Timed Access" list, but change the default "Everyday" selection to "No Access" (it's right at the top of the list).
     
  5. iMacZealot thread starter macrumors 68020

    Joined:
    Mar 11, 2005
    #5
    But if the Timed Access list is turned on, aren't all the addresses that aren't on the list rejected, too?
     
  6. Arran macrumors 68040

    Arran

    Joined:
    Mar 7, 2008
    Location:
    Atlanta, USA
    #6
    Good point! :confused: I had to go check my setup....

    On my list, there's a catch-all "default" MAC address at the top which is set to "Unlimited" (Everyday, all day) access. Below that, there's my list of individual MACs with their own personalized restrictions.

    So any MACs which I haven't specifically named and restricted get free reign.
     
  7. iMacZealot thread starter macrumors 68020

    Joined:
    Mar 11, 2005
    #7
    So, if I have the "default" MAC address to unlimited, it will allow everyone, and then I can have my blacklist from there?
     
  8. Arran macrumors 68040

    Arran

    Joined:
    Mar 7, 2008
    Location:
    Atlanta, USA
    #8
    Yes. I just tested it with a macbook and an ipod touch. The macbook got network access under the default ("unlimited") entry, but since I'd put the MAC address of the touch in the list and specified NO ACCESS (just for it), it was locked out.
     
  9. iMacZealot thread starter macrumors 68020

    Joined:
    Mar 11, 2005
    #9
    Thanks! Now I just need to gather all 13 MAC addresses in the house. :eek:
     
  10. mkrishnan Moderator emeritus

    mkrishnan

    Joined:
    Jan 9, 2004
    Location:
    Grand Rapids, MI, USA
    #10
    You didn't already have them in your AEBS list? :p

    This thread is great -- I also thought the answer was that this could not be done; I'm pleased (and making a mental note) to be wrong. :)
     
  11. iMacZealot thread starter macrumors 68020

    Joined:
    Mar 11, 2005
    #11
    I have most of the addys, but I'm not sure which devices they actually are.

    I'm also glad we found a solution, but I don't think I can use it because for some reason, the MAC Address Access Control list in my AirPort Express WDS remote is a 'local' list, not a 'timed' one like in my AirPort Extreme WDS main, and the 'default' listing doesn't show up in the 'local' list.
     
  12. Arran macrumors 68040

    Arran

    Joined:
    Mar 7, 2008
    Location:
    Atlanta, USA
    #12
    Is your Express one of the older G models?

    I have an old G and a newer N. I just checked both. Like you said, the 'G' version doesn't have the 'default' entry, but the 'N' does. Firmware is up to date on both, btw (6.3 on G, 7.3.2 on N).
     
  13. iMacZealot thread starter macrumors 68020

    Joined:
    Mar 11, 2005
    #13
    Yeah. I have a G Express and an N Extreme. I didn't know if the default entry didn't show up because it was an Express or because it's a WDS remote.
     

Share This Page