You are right and I have set one up. Much easier than I Thought. Instructions are below. I set up a deny list this morning. I can cut and paste mac addresses of users (cell phones) that continually bang on the door but do not get authenticated. It has been working since this morning and no one has screamed yet. So, i must have set it up correctly. Thanx!
Using the
Access Controls configuration options, you define Layer2/MAC address ACLs,
which can then be applied to one or more WLANs (upon WLAN creation or edit).
ACLs are either allow-only or deny-only; that is, an ACL can be set up to allow
only specified clients or to deny only specified clients. MAC
addresses that are in the deny list are blocked at the AP, not at the
ZoneDirector.
To configure an L2/MAC ACL:
1. Go to Configure > Access Control.
2. In L2/MAC Access Control, click Create
New.
a. Type a Name
for the ACL.
b. Type a
Description of the ACL.
c. Select
the Restriction mode as either allow or deny.
d. Type a
MAC address in the MAC Address text box,
and
then click Create New to save the address.
The new MAC address that you added appears next
to the Stations field.
You can enter up to 128 MAC addresses.
3. Click OK to save the L2/MAC based ACL.
You can create up to 32 L2/MAC ACL rules and
each rule can contain up to 128 MAC addresses.
You can apply the ACL for a specific WLAN in
Configure>WLAN>Create New or Edit a WLAN>Advanced Options>Access
Control.
We can apply only 1 ACL per WLAN.
