Hello,i hope that i can find some one can help me.I working Sophos XGS2100 (SFOS 19.0.1 MR-1-Build365) with Sophos Access points.
the system works good but as a new customer and user in Sophos Wold i need a help.
in some rooms we have Cast connected to old Beamers(which hasn't WiFi function), those Cast devices should be connected to the Guest WiFi.
our Guest WiFi is already configured that the connect throw it with using Voucher, the Voucher code is unable to entry.
is there any way or method or rule to make a list of MAC address allowed to be connected to Guest network without Voucher?
1- i have created a list of MAC addresses which include the devices which i want the to be connected with internet throw the Guest WLAN
2- i have added the list to the allowed hosts/network in Walled garden but no change.
3- i have created a rule which allows the MAC-list to be connected directly with the following settings :
Hi, put the to be whitelisted MAC address list here:
in Advanced Settings
Exactly as i thought,
If i did the only listed mac address will be able to connect to the network.
Mac Adresse filter will filter the devices before the Voucher
That means it is no more guests WLAN .
you could create a second WiFi with MAC whitelist but then the devices in the second WiFi cannot communicate with devices in the first guest WiFi
And here is the problem.
The guest should able tu use the cast with internet connection together.
Thats why i have to find a way to connect these devices to the guest network.
Is there any way to edit a voucher and register a MAC Adresse manually?
By the way i already have another network Wich with MAC filter works but it is our work network which unable to connect the guest devices.
not with regular sophos tools. maybe one can by manipulating databases on CLI - would not recommend.
well, you could spoof the MAC address of the Cast's with the driver of your NIC and register it to the wifi via voucher hotspot.
that should work in your case but I have never tested it.
I checked my Intel WiFi and it has no such option.
but there are also tools that can do that.
unfortunately ,i don't have Intel wirelessard,
then please create a support case ask support team if they can provide an CLI option for you to add MAC addresses to the list of authenticated devices for the hotspot. good luck!
Many thanks for your Support .
Hi again,do you think that i can make an exception in the rules for some MAC Addressees for example from exclusion ?
I don't think so. The MAC needs to authenticate to the network before they are allowed to communicate in the WiFi and only then your FW rules could apply.
thank you for replay but that helps not but thank you