WIFI AP6-420e MAC Filter issues

Slappy 9 days ago

We are currently testing phase of AP6-420e APs.

Is there anybody else experiencing MAC filter configuration issues.....

We are testing 3 SSIDs that are on separate VLANs and each SSID is needing a MAC filter.

I thought at first, I was not hitting the save button but too many oddities have come up and now beginning to wonder if I can trust this stuff....

In the past couple of weeks here is what I have experienced with the MAC filtering:

- I setup the mac filter for a SSID....then some time period later, I find the MAC filter setting was changed to NONE......This is very concerning.

- One day checked the 3 SSIDs that had MAC filters in place and ALL the SSID MAC filters were setback to NONE.

- Most recently, I added one MAC address to one of the SSID MAC filters and all the existing MAC addresses were erased. The only MAC address in the filter was the one I added. But the troubling part was that the MAC filters in ALL the other SSIDs were changed as well. O nly that one MAC address I added was in ALL the MAC filters for all SSIDs......

Is this stuff ready for production environments if these things keep happening??

Case was created but wanted to know if anybody else is having these issues.

better description of current setup....
[edited by: Slappy at 3:38 PM (GMT -7) on 11 Jun 2024]

Top Replies

LuCar Toni 9 days ago +1

Do you use Band Stearing? docs.sophos.com/.../index.html

0 LuCar Toni 9 days ago

Do you use Band Stearing? docs.sophos.com/.../index.html

__________________________________________________________________________________________________________________
Cancel
Vote Up +1 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Slappy 9 days ago in reply to LuCar Toni

Band steering is not ON....... I was told you cannot have Advance Threat Protection on along with MAC filtering option. However, with Advance Threat Protection turned on, I am still able to enable MAC filtering. Not sure why this would be......
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
+1 LuCar Toni 8 days ago in reply to Slappy

There is a documentation about this:

https://docs.sophos.com/central/customer/help/en-us/ManageYourProducts/Wireless/SSIDs/SSIDAdvanced/index.html#hidden-ssid

__________________________________________________________________________________________________________________
Cancel
Vote Up +1 Vote Down

Sign in to reply

Reject Answer

Cancel
0 Slappy 8 days ago in reply to LuCar Toni

Thanks for your response...

Little sloppy to allow a customer to turn MAC filtering on when Active Threat Response is on. No warning messages or anything other than it being in the "documentation" ......On top of that I would like to know the reason why both can't be used at the same time.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 LuCar Toni 8 days ago in reply to Slappy

Actually the Docs is not correct. We will address this one.

You cannot use a Whitelist approach and ATR at the same time (Meaning, you Whitelist a MAC and block the same MAC at the same time). The Docs is misleading on that page.

One step back here:
Do you use white or blacklist in central?
And if you say, the List is empty --> is it empty in Central or the Access point management itself?

__________________________________________________________________________________________________________________
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Slappy 8 days ago in reply to LuCar Toni

We use whitelists only in Central>Wireless. No idea where ATF is located in Central....as we do not have any Sophos Firewalls or Switches in our environment.

I finally looked at the ATR and how it functions.....I can see this could be problematic.... However, there should/could be logic built in that that ATF MAC block would supersede the whitelisting.

At the very least give the customer the ability to granularly apply ATF to SSIDs that are not using the MAC whitelist......

The MAC list in the ATR located in Central>Wireless is/was empty before I disabled it.

Still stand by my comment.....If ATF is enable in Central>Wireless for AP6 then the MAC filtering option should be greyed out in the SSID.....
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Slappy 8 days ago in reply to Slappy

I turned off ATF yesterday 6/11. Today, I check the 3 SSID that I have the MAC allowed function turned on. All of them have one MAC address listed (same MAC address). I added a list of MAC addresses to one SSID and save the configuration.

When I opened the other 2 SSIDs, the list of MAC addresses I entered in the one SSID were now populated in other 2 SSIDs MAC allowed lists. Why would this be happening? Something is really wrong here.....
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel