Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 40 subscribers
  • Views 2351 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

When MAC Filtering is enabled, clients with correct password but not on the Whitelist are not appearing in system logs when attempting to connect to the wireless network

alan weir

SFOS 19.5.1

I have wireless protection enabled in SFOS using a Sophos AP. I recently created an MAC host group with a whitelist of MAC addresses of devices that can connect to the wireless network. Recently an Android device that was previously authenticated and allowed to access the wifi network was not added to this MAC address whitelist and does not appear in the system log at all as failed authentication. There is literally no log anywhere of this device as it is attempting to connect to the network using the correct password.

I am at a loss to figure out where the log is that shows the device not authenticating due to not being on the whitelist, and it's MAC address.

EDIT: It isn't until I switch MAC Filtering from Whitelist to None, that the device connects and the DHCP status of it it is renew in the system log.

Then, enabling Whitelist again reproduces the issue; the device not not appear in the system or authentication logs as any authentication error or failed DHCP lease and does not connect to the wi-fi network.



This thread was automatically locked due to age.
Parents
  • 0

    A lot of modern Android devices default to using ramdom MAC addresses.
    Did you check that this specific device uses the device MAC?

     
    SFVH (SFOS 20.0.0 GA-Build222) - Last (re)boot on November 6th  2023
    Asus H410i-plus - Pentium 6605 Gold - 250GB M.2 PCIe NVMe SSD - 8GB - 3 ports
    [If any of my posts are helpful to you please use the 'Verify Answer' link]
  • 0 in reply to Peter-Paul Gras

    The device is set to use it's hard-coded MAC. A post from a few years ago states the wireless log was no longer included since XG version 16. Most likely I will attempt to try Sophos Central wireless anyways after I try the advanced shell option above first.

Reply Children
No Data
Unfiltered HTML