Mac spoofing

  • mac spoofing can bypass on my captive portal,, i set ssl-ca in my firewall and ap isolation enabled…
    any suggestions on how to disconnect client using mac spoof..

  • Client is only known to the portal by its IP and MAC.
    If a client clones (spoofs) both, well … you'll be needing more sophisticated solutions.

    Btw : your Wifi channels are encrypted, right ? If they are, your spoofer will have a hard time to obtain MAC addresses.
    On an AP used for Captive portal connections AP isolation should always be activated - and you should also isolate AP's among them if you have more then one.

    edit : what do you mean by "... i set ssl-ca on my firewall ..." ?

  • LAYER 8 Netgate

    Not really. Captive portals are a clever hack at best.

  • Rebel Alliance Developer Netgate

    There is no possible way a firewall can tell two clients apart if they are sharing the same MAC address.
    You have a layer 2 problem, so you need to fix it at layer 2. That's a job for your AP/switches, not a firewall.

Log in to reply