Can Linksys WET11 do MAC Forwarding?

Configuration and operational information about stumbled AP's

Can Linksys WET11 do MAC Forwarding?

Postby wzuwerink » Thu Jul 10, 2003 12:14 pm

I am attempting to setup WET11 bridges on a Cisco 350 Access point and use address filtering to limit what workstations have access to my network.

My problem comes with not being able to view the MAC address of the clients because all clients appear to have the same MAC address on my network. That MAC address being the address of the bridge they are attached to.

I updated my WET11 to 1.5.4, which provided a new feature called "MAC Cloning", which I first thought would allow my access point to see all the seperate MAC address's behind the bridge, but after closer inspeciton I found that the bridge simply takes on the MAC address of the first client to use it and allows all other MAC address's to still pass through the bridge and appear on my network as the MAC address it learned from the first client to use it.

Does anyone know if there is a way to use a WET11 to pass the MAC address of the computers behind it to the access point?
wzuwerink
Mini Stumbler
 
Posts: 10
Joined: Tue Jul 08, 2003 6:46 am

Postby wzuwerink » Thu Jul 10, 2003 12:32 pm

If this is not possible, is there a way to configure the WET11 so that it will only work with one computer at a time?
wzuwerink
Mini Stumbler
 
Posts: 10
Joined: Tue Jul 08, 2003 6:46 am

Postby HITMONEY » Thu Jul 10, 2003 12:35 pm

Each WET11 should have its own MAC addy, does it not?
User avatar
HITMONEY
 
Posts: 529
Joined: Sun May 04, 2003 11:01 am
Location: St. Pete Beach, FL.

Postby wzuwerink » Thu Jul 10, 2003 12:47 pm

Yes, but I want to filter based on the computers behind the WET11. The bridge does not allow me to see those computers MAC address's. My routers ARP simply reports each computer IP as associated with the WET11's MAC.
wzuwerink
Mini Stumbler
 
Posts: 10
Joined: Tue Jul 08, 2003 6:46 am

Postby HITMONEY » Thu Jul 10, 2003 12:50 pm

I see. I will call up my Linksys bud and ask for ya.
User avatar
HITMONEY
 
Posts: 529
Joined: Sun May 04, 2003 11:01 am
Location: St. Pete Beach, FL.

Postby TheSovereign » Thu Jul 10, 2003 12:51 pm

it doesnt do it

it does however have an internal memory that can hold upto 50 ethernet mac address's perhaps their is someway to hax the firmware to add mac's only if u specify them....
SO SAYS TheSovereign
User avatar
TheSovereign
 
Posts: 658
Joined: Sun Jun 30, 2002 2:35 am
Location: chicago

Postby HITMONEY » Thu Jul 10, 2003 1:15 pm

Do you have MAC filtering enabled on the WET11?

I am told if you do, that is why you can't see the MACs.

*although that doesn't make much sense to me.
User avatar
HITMONEY
 
Posts: 529
Joined: Sun May 04, 2003 11:01 am
Location: St. Pete Beach, FL.

Postby TheSovereign » Thu Jul 10, 2003 1:44 pm

wet's dont have mac filtering imsaying with a little haxing they could
SO SAYS TheSovereign
User avatar
TheSovereign
 
Posts: 658
Joined: Sun Jun 30, 2002 2:35 am
Location: chicago

Postby HITMONEY » Thu Jul 10, 2003 1:49 pm

Their must be something up here. I have a buddy who works at a fairly high level for linksys, be it marketing he still can give a MCSE a run for his money. Well you would have thought I just told him his parents died in a plan crash when I asked him about MAC fowarding and WET11's to the point he gives me the above level 1 support advice. WTF
User avatar
HITMONEY
 
Posts: 529
Joined: Sun May 04, 2003 11:01 am
Location: St. Pete Beach, FL.

Postby peekitty » Thu Jul 10, 2003 2:02 pm

Originally posted by HITMONEY
...he still can give a MCSE a run for his money.
A bowl of pudding can give an MCSE a run for his money.
User avatar
peekitty
 
Posts: 1054
Joined: Wed Sep 04, 2002 6:14 am
Location: S. Florida

Postby HITMONEY » Thu Jul 10, 2003 2:06 pm

ROFL

Well, its not bad for a marketing guy.
User avatar
HITMONEY
 
Posts: 529
Joined: Sun May 04, 2003 11:01 am
Location: St. Pete Beach, FL.

Postby wzuwerink » Fri Jul 11, 2003 5:15 am

It would be pretty darn handy for me to manually control the 50 memory stored MAC address's on the WET11. Or be able to specify how many it will actually store.
wzuwerink
Mini Stumbler
 
Posts: 10
Joined: Tue Jul 08, 2003 6:46 am

Postby khamill » Mon Jul 21, 2003 4:13 pm

Why not just put a router between the bridge and the computers. You could block/limit access quite easily then.
khamill
Mini Stumbler
 
Posts: 2
Joined: Tue Mar 11, 2003 12:45 pm

Postby wzuwerink » Tue Jul 22, 2003 4:52 am

Because this is for a wireless ISP where I am attempting to keep the CPE as low cost as possible. Even a cheap router would still add another $100 to each customer install and make many of my customers shy away from purchasing service.

I have accepted that the WET11 will not do what I wish it to do, so I have taken another approach.

I have enabled WEP and MAC authentication where my bridges are stored in an SQL database accessed by RADIUS. I have a DHCP server which is setup for reservation only with each Client computer assigned its own reservation. I also have a router with access lists which only allow specific MAC's with specific IP's to pass through.

This may sound complicated, but I have written a third party application to control all of these security measures from a single online form accessible only from employees of the ISP.
wzuwerink
Mini Stumbler
 
Posts: 10
Joined: Tue Jul 08, 2003 6:46 am

Postby khamill » Tue Jul 22, 2003 9:24 am

Bestbuy has a 4 port router/switch combo for 20$ Netgear DI-604. My Isp is wireless also. I run the wet11 into the router/switch combo. It then feeds into a DSS-5+ switch and out to the rest of the house. Using this setup, I can block the kids setup from reaching the internet while still letting them play games and run applications on the lan.
khamill
Mini Stumbler
 
Posts: 2
Joined: Tue Mar 11, 2003 12:45 pm


Return to AP Information

Who is online

Users browsing this forum: No registered users and 3 guests