Mac Adress Control

Started by tyrell, January 28, 2025, 10:58:21 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
January 28, 2025, 10:58:21 AM
Cheers,

im trying to setup Mac Adress Control for a specific IP Pool.
But it always gives me following error when trying to save:

"If you specify a mac allow list, it must contain only valid partial MAC addresses."

This is my partial Mac Adress "64-62-66" Every device starting with this should get an IP from
that pool.
Am i doing something wrong or is this a bug?

January 28, 2025, 11:17:58 AM #1
Hint: clicking the little "i" button to the left of any setting should show some help text - in this case:

"Enter a list of partial MAC addresses to allow, comma-separated, no spaces, such as 00:00:00,01:E5:FF"

So use colon (:) as the separator...
January 28, 2025, 02:59:42 PM #2
damn you are right.
that was the problem.
but its still doesnt work.
the devices still get an IP from the regular pool not from the additional pool.
even after dhcp server restart, deleting the dhcp lease and restarting the device.
also tried to deny the partial mac from the regular pool and have it allowed in the additional pool.
but nope.
any ideas?
January 28, 2025, 05:02:29 PM #3 Last Edit: January 28, 2025, 05:12:05 PM by dseven
I've never tried to do that, but I would guess that you need to apply some criteria to the other pool also - otherwise it will be available to all clients. You could explicitly block your "64:62:66" range?

Edit: I just re-read, and see that you already tried that .. hmmm.
January 28, 2025, 09:19:19 PM #4
I just ran a little test on my spare instance:
* Connected a new machine (PC2) that got IP in the existing pool
* Added the partial MAC address of PC1 to the existing pool
* Checked "deny unknown client" on the existing pool
* Renewed lease on PC2 -> failure (with a weird error message)
* Created a fallback pool on the LAN interface
* Renewed lease on PC2 -> success, obviously in the fallback pool

HTH
January 29, 2025, 01:24:29 PM #5
thanks for testing.
but i dont wanna deny all unknow devices.
i just want a fixed pool of ips for a certain mac adress range
January 29, 2025, 06:54:32 PM #6
Isn't it what the above setup just achieved?
Specify the MAC address range, mark the pool as denied for unknown clients (clients in the address range are known).
Create another pool as fallback for clients that don't match the range.

I suspect you can create a chain of pools this way...
Today at 08:44:52 AM #7
maybe i just dont get it:
"(clients in the address range are known)"
the main pool any mac adress should be allowed.
thats important for new devices.
but if i have a deny unknow clients they wont get an IP right?
Print
Go Up Pages1
User actions