Enabling RADIUS Access via MAC Addresses

Sometimes, you will need to allow wired devices (like VOIP phones) access to your network without user authentication. Or, maybe you'd like to authorize wireless printers to a network by their MAC address (note, the SSID in this case must be set to "MAC-based access control" mode).

Foxpass allows you to allow devices on your network by matching their MAC address prefix. You can also set RADIUS attributes for different device types.

1. Get a list of MAC addresses

First, get a list of MAC addresses for your different devices. Figure out if you can group different device types using a common set of prefixes. Otherwise, you can just compile a list of full MAC addresses.

2. Create a MAC Entry

Create a MAC Entry on the MAC Entries page. Make a separate entry for each device type and enter in the corresponding MAC addresses and prefixes for the device.

3. Enter in the prefixes

Add prefixes to the entry as needed. You can use colons, periods, or dashes to separate characters if desired, but we format the prefixes with colon separators when saving it into our database. Remember, prefixes will match longest first. For example:


MAC Entries

If a device with the MAC address that begins with "11:aa" tries to connect, it would match with the "VOIP Phones" entry. If a device with the MAC address "11:xx:xx:xx" tries to connect, it would match with the "Apple TV" entry.

4. Optional: Add MAC entries to RADIUS attributes

You can also have RADIUS attributes return different values for different MAC entries. See the Enabling RADIUS Attributes page for more information.