Good afternoon, my query is the following: in the director zone I can only block 128 users, I work in a school and students should not be able to connect their cell phones to the network, all access lists by L2 or L3 only allow me to create up to 128 mac, is there any way to block more? Thanks in advance
You can use radius attributes to allow/deny the access.
Within ZD there is no way to go beyond 128 entries to block clients using an ACL.
I'd recommend using a device policy that has deny rules for ios and android. That approach works for any wlan (open, psk, 802.1x...) regardless of authentication method. Alternatively, you could define the policy to allow only certain devices (eg, windows laptops and chromebooks) and block everything else.
@david_black_5940365 that is also a good way to block the clients, however, what if teachers/staff also using cell phones and admin wants to allow them?
If that is the case, they have to crated a new dedicated SSID just for staff/teachers. On the student WLAN, we can use the device policy and block android and iOS.