Although we encourage all wireless devices to connect via WPA/WPA2 802.1x, not all wireless devices support these standards. To accommodate consumer level wireless devices, such as game consoles, we created a separate WPA PSK network. We manually approve each request by adding a mac filter exclusion to that particular network.
In the beginning we did all these requests manually, either by entering them directly into each WLC or by using templates in WCS. Eventually, the number of requests necessitated the need to semi-automate the process. We created a web form to gather the information; on the administrator side we could approve or deny each request. Approving the request would run a scripted telnet session to each WLC adding the macfilter. For security and stability reasons we didn't want to continue using scripted telnet sessions. We figured out how to script an https session on the controllers using HTTP GET. This solution is working much better; however we have not found a good way of removing macfilters from the controllers, using this method. (The way the web interface works for removing macfilters is pretty convoluted and would be difficult to script.) We want to run a script once a month that will remove all macfilters a year or more old. So, long story short, has anyone done anything like this? Any suggestions for removing old macfilters? Thanks. -Mike Schomer -ResNet Coordinator -St. Cloud State University ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
