Mac spoofing
-
mac spoofing can bypass on my captive portal,, i set ssl-ca in my firewall and ap isolation enabled…
any suggestions on how to disconnect client using mac spoof.. -
Client is only known to the portal by its IP and MAC.
If a client clones (spoofs) both, well … you'll be needing more sophisticated solutions.Btw : your Wifi channels are encrypted, right ? If they are, your spoofer will have a hard time to obtain MAC addresses.
On an AP used for Captive portal connections AP isolation should always be activated - and you should also isolate AP's among them if you have more then one.edit : what do you mean by "... i set ssl-ca on my firewall ..." ?
-
Not really. Captive portals are a clever hack at best.
-
There is no possible way a firewall can tell two clients apart if they are sharing the same MAC address.
You have a layer 2 problem, so you need to fix it at layer 2. That's a job for your AP/switches, not a firewall.