Setup MAC Authentication
MAC Authentication is used for endpoints such as printers, phones, sensors, cameras, and other wired devices connected to the Nile Access Switches that do not support 802.1X authentication. In this case, the MAC address of the endpoint is used to authenticate.
The Nile Access Service supports integrating MAC Authentication with external RADIUS servers, such as Cisco ISE or Aruba ClearPass. This allows organizations to leverage their existing RADIUS infrastructure for MAC-based authentication, while still benefiting from the Nile Access Service's centralized management and policy enforcement. Learn more about RADIUS Powered Authentication.
When using RADIUS-based MAC Authentication, the Nile Access Service supports dynamic segment assignment based on the attributes returned by the RADIUS server. This allows a single SSID to be mapped to multiple segments, with the segment determined by the user or device's identity.
- Login to the Nile Portal and click on the "Settings" tab from the left side navigation pane. Click on Access Management.
- There are four different ways to configure MAC Authentication on the Nile Portal:
- If you already have any wired devices connected to the Nile Access Switches, they will show up on the MAC Authentication page. You can then select those devices and approve, deny, or delete them as needed.
- You can input the OUI (Organizational Unique Identifier) of the devices to approve or deny them. Click on "OUI" from the top-right corner, add the OUI, select the segment, and then approve or deny the devices.
- You can approve or deny all devices in a particular segment by clicking on "All" from the top-right corner. However, Nile does not recommend using this method as it can pose a security risk.
- You can upload a CSV file to specify rules for multiple devices. Click on "Upload CSV" from the top-left corner, download the sample CSV file, create your own file, and then upload it.
The Nile Access Service also offers additional features for managing wired device access, such as the ability to upload pre-approved device lists, enable auto-MAC Auth for specific device types, and configure port locking and geographical restrictions. Refer to the Nile Wired Access Management FAQ for details.
