This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
RUCKUS Self Help |   ASK the Pack
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Can I permanently authorize a client?

chris_huff_7756
New Contributor II

‎02-24-2016 11:46 AM

So here's my dilemma:

We have an iPad that we use in the office for patients to check in for their appointment. We have 2 WiFi connections available to use. #1 is our private network and #2 is our patient / public network. If I connect to option 2 the iPad has to open a web page and accept the TOS before it can continue functioning. If I use option 1, every 10-15 min a staff would have to input their AD username/password for the internet to continue functioning. Is there any way I can just whitelist the MAC address of this iPad on either connection to bypass these issues? We have a ZoneDirector but I don't recall what model off the top of my head.

Thanks in advance!
5 REPLIES 5

seanmuir
Contributor III

‎02-24-2016 03:46 PM

You can MAC Auth clients using  a Radius Server:

https://support.ruckuswireless.com/answers/000001847

Good Luck
0 Kudos

john_d
Valued Contributor II
In response to seanmuir

‎02-24-2016 09:12 PM

From a security standpoint I'm not sure I'm as much of a fan of MAC auth as I am of loading a DPSK or something onto the iPad itself.
0 Kudos

seanmuir
Contributor III

‎02-24-2016 03:46 PM

You can MAC Auth clients using  a Radius Server:

https://support.ruckuswireless.com/answers/000001847

Good Luck
0 Kudos

max_o_driscoll
Valued Contributor

‎02-25-2016 03:06 AM

If you have "modest" environment you might not have a radius server. If you have still not a simple click a few buttons job.
--
This might seem overkill for one device but it'll do what you want. Could regard it as a quick dirty fix.
Create a new WLAN called IPAD
use an ACL list with the ipad MAC in it and assign that list to IPAD.
screenshots in a minute.

In ZD
configure
access control
L2-L7 access control
create new....
add in MAC of ipad...save

Image_ images_messages_5f91c42b135b77e24799ad61_04f76b6e3fc2d9e13be65b15c996a34c_RackMultipart20160225412251sdw-59aed8fb-d190-4e0b-a575-b4558dae6713-103275472.jpg1456398805

create new WLAN
configure
WLANS
create new... edit as required
access control drop down menu should have the IPAD ACL list (you previously created) as an option.

Image_ images_messages_5f91c42b135b77e24799ad61_8cbf27072ed98825b8dd4d503644787a_RackMultipart2016022570275thr2-6ae30faf-b47e-4db7-9b1b-ca4c7c632f1c-1158170900.jpg1456398832


As John correctly mentioned this is not as secure as other methods and is not "good practice" unless you know how to lock your IPAD WLAN down in other ways.

Minor simple improvements include
not broadcasting the IPAD wlan,
restrict to one client (yours) for the WLAN on that AP (stops any other device from connecting)
restrict it only to IOS devices,
assigning WLAN to only one of your APs on 5GHz,
reducing the power output of that AP WLAN to minimum needed,
scheduling the WLAN (7AM-7PM say),
limiting throughput...

look through the options and figure out what you need bearing in mind they can occasionally have unintended outcomes!

If you restrict to one client connection and add in a long inactivity timeout (say 60mins...if you are busy practice then that shouldn't be an issue) the ipad would hold the connection and no other device could use that WLAN.

etc
0 Kudos
Copyright © 2025 Khoros, LLC
Top

Type a product name