I’ve been trying to protect my home wireless network with both a WPA2
password and an enabled MAC address filter. It seems to work for the more
traditional computers but for many video game systems, smartphones and many
Apple products, they seem to be able to connect using only the WPA2 password.
Why isn’t the MAC address filter preventing these devices from accessing the
network? Does the possession of the password somehow pre-empt the filter?
In this excerpt from
Answercast #94 I look at some issues in setting up a network with MAC
address filtering, and wonder if it is even necessary when WPA2 is already
WPA2 and MAC address filtering
It should not – and unfortunately, without knowing exactly what device you’re using, the only comment I can make about the MAC address filtering is that it sounds like it’s not actually enabled. It sounds like it is not actually doing what it’s supposed to be doing.
Enabling MAC address filtering
The idea is that MAC address filtering restricts the physical access of a device to specific network controllers that have a unique and specific MAC address.
Now, if devices that are not in the MAC address filter (in other words, they’re not explicitly allowed in by the filter) are still able to get in? Bottom line is the filter’s not working. I can’t really help diagnose that any further – other than to say triple check the settings in the router or in the access point that are controlling the MAC address access control.
Is MAC address filtering necessary?
Now, I will say this: I’ve never found it necessary to use MAC address filtering.
The problem, from my perspective, is that so many different devices come and go all the time that it would be a maintenance nightmare to keep track of all the MAC addresses and make sure that the filter was always up to date. It seems like it would be a terrible inconvenience. In particular, since WPA-2 is a great way to make sure that only authorized devices access your network.
So, I would be more than happy to say, just use WPA-2. I believe that is sufficient security for most people in most situations and is certainly the security that I run with here myself at home.
(Transcript lightly edited for readability.)
End of Answercast 94 Back to – Audio Segment