MAC Authentication Methods

AB.

The Cisco Wireless LAN Controller (WLC) supports two types of MAC authentication methods. They are:

A. Local MAC authentication: This method allows the WLC to authenticate clients based on their MAC addresses. The MAC addresses are stored in the WLC's local database, and access is granted or denied based on whether the MAC address is present in the database or not. This method is useful for small-scale deployments that do not require a RADIUS server.

B. MAC authentication using a RADIUS server: This method involves the use of a RADIUS server to authenticate clients based on their MAC addresses. The RADIUS server stores the MAC addresses in its database, and the WLC queries the RADIUS server to determine whether access should be granted or denied. This method is useful for larger-scale deployments that require a centralized authentication system.

C. MAC authentication using tokens: This method involves the use of tokens, such as smart cards or USB tokens, to authenticate clients based on their MAC addresses. The tokens contain the MAC addresses, and clients must present the tokens to the WLC to gain access to the network.

D. MAC authentication using a PIN: This method involves the use of a PIN, which clients must enter to authenticate based on their MAC addresses. The PINs are stored in the WLC's local database or a RADIUS server's database, and access is granted or denied based on whether the correct PIN is entered.

In summary, the two MAC authentication methods supported on WLCs are local MAC authentication and MAC authentication using a RADIUS server. The other two methods, MAC authentication using tokens and MAC authentication using a PIN, are not supported on WLCs.