Accessing a network via a fixed MAC Address


#1

Hi everyone,
my problem is as following:
To access a network, I´ve got a MAC Address to use. Sounds weird, but atm this is the only way for me to access the network as our head of IT (IT more or less is just this one guy) is not reachable (to include my (new) device into the MAC filter. I´ve tried everything to get ‘wlan-sta’ to use this MAC Address, but i just can´t connect to the network. I had the idea to add the address to the dropdown list in MAC Clone, but i don´t know how to do it. :frowning:

Have a nice day, :slight_smile:


#2

You should be able to do it via Luci (Advanced Settings Menu) under Network > Interface > (Interface you wish to change MAC for) > Advanced Settings > Override MAC Address


#3

In firmware v3.x you can write your own Mac in the drop down list.


#4

Maybe you can but it isn’t easy or obvious - if you delete the current MAC it will NOT allow you to enter your own.


#5

If the GUI won’t let you do it, it can be done in /etc/config/network and/or /etc/config/wireless by editing that file directly or through use of uci to perform the edits on your behalf.

See https://openwrt.org/docs/guide-user/base-system/basic-networking and/or https://openwrt.org/docs/guide-user/network/wifi/basic and the macaddr option, in particular.


#6

Does your IT guy know you’re putting a router on his network, and is he ok with it?


#7

That’s a total different matter and irrelevant to the original question!
In any case, the IT guy being “unreachable” was a giveaway!


#8

I see questions over on another forum/website where folks want to do similar things without understanding the impact…

A small, yet fully enabled, linux box on a business LAN is an excellent opportunity for haxxoring…

Consider something like the GL-USB150 - looks like a typical USB thumb-drive - but it can be a red-team/blackhat’s wet dream there…


#9

Yes, I understood your point first time but as I said, it’s a different matter and irrelevant to the original question.
Perhaps you’d be happier and with a clearer conscience if you snitched on the OP to the internet police!


#10

Not trying to be the network cop here - just many folks may not fully understand the impact of having a rouge AP on business/enterprise class network.

Getting back to OP’s ask - should be able to clone a MAC address, even if one has to go into the LUCI interface…

If the MAC addr is changed, and still can’t access, there may be additional things that need to be done - many business networks also include a certificate that validates the user on sign in for the network (esp. see this on Windows based networks where there is an Active Directory Server also in place, which can support RADIUS for access control, and some just bind the userid, but others can bing the userid and MAC addr or other unique identifier for the machine.


#11

Hi everyone,
just want to thank you guys: it worked flawlessly! Thanks
Yes, my admin knew about it, we actually talked about it earlier and he wsnted to help me with it, but just wasn´t reachable the day i needed it.