mac spoofing can bypass on my captive portal,, i set ssl-ca in my firewall and ap isolation enabled…
any suggestions on how to disconnect client using mac spoof..
Gertjan last edited by
Client is only known to the portal by its IP and MAC.
If a client clones (spoofs) both, well … you'll be needing more sophisticated solutions.
Btw : your Wifi channels are encrypted, right ? If they are, your spoofer will have a hard time to obtain MAC addresses.
On an AP used for Captive portal connections AP isolation should always be activated - and you should also isolate AP's among them if you have more then one.
edit : what do you mean by "... i set ssl-ca on my firewall ..." ?
Not really. Captive portals are a clever hack at best.
There is no possible way a firewall can tell two clients apart if they are sharing the same MAC address.
You have a layer 2 problem, so you need to fix it at layer 2. That's a job for your AP/switches, not a firewall.