MAC address Whitelisting

NOTE: this feature is available on firmware 1.5.9 or later.

1. Feature Overview

1.1 What is MAC Address Whitelisting?

The MAC Address whitelisting feature allows network administrators to control and restrict wireless network access by permitting only specific devices to connect to the CTM-ONE/CTM-500 wireless gateway. This Access Control List (ACL) functionality provides an additional layer of network security by ensuring that only authorized devices can establish a wireless connection.

1.2 Use Cases

MAC address whitelisting is ideal for:

Securing sensitive corporate networks
Controlling access in shared workspace environments
Preventing unauthorized devices from connecting to the network
Reducing potential security risks in IoT and industrial settings

1.3 Scope

This feature applies to both Wi-Fi AP interfaces on the CTM-ONE/CTM-500 wireless gateway, providing comprehensive access control across the entire wireless network infrastructure.

2. Configuration Guide

2.1 Enabling MAC Address Whitelisting

Access the CTM-ONE/CTM-500 wireless gateway administrative interface.
Navigate to Configurations > network > wireless > wifi > General settings.

Click Edit. Toggle the ACL Whitelist option to "Enabled".
- When disabled, all devices can connect normally.
- When enabled, only whitelisted MAC addresses will be permitted.

Once ACL Whitelist option is enabled, proceed to adding devices under the Device list section below.

2.2 Managing Whitelisted Clients

2.2.1 Adding Client Devices

Under “Enable ACL Whitelist”, click +Device button.
Enter Device Name and MAC address.

NOTES:

Make sure device name is unique for each device.
Make sure MAC address format should only be in six groups of two hexadecimal digits separated by colons: 00:1A:2B:3C:4D:5E.
ACL Whitelist Mode can only be enabled successfully when there is at least an enabled device with a MAC address present.

Once devices are added, checkmark the “Enable” column next to Device Name on the left.
Click Save to apply changes.

To remove a device from the ACL whitelist, click the x button on the right hand side of the MAC address. Click Save to apply changes.

3. Obtaining MAC Addresses

3.1 iPhone

Go to Settings > General > About
Scroll to find "Wi-Fi Address" (this is the MAC address)
Alternatively, go to Settings > Wi-Fi, tap the (i) icon next to connected network, and view MAC address

3.2 Android Devices

Method 1:

Go to Settings > About Phone
Look for "Status" or "Network Information"
Find "Wi-Fi MAC address"

Method 2:

Go to Settings > Connection > Wi-Fi
Tap the connected network
View network details to find MAC address

3.3 Windows Laptop

Windows 10/11:

Open Command Prompt

Type ipconfig /all
Look for "Physical Address" under wireless adapter.

4. MAC Address Randomization

4.1 Overview

MAC address randomization is a privacy feature that generates a temporary, random MAC address to prevent device tracking. While enhancing privacy, this interferes with MAC address whitelisting, therefore MAC randomization must be disabled if this feature is used.

4.2 Disabling MAC Randomization

4.2.1 iPhone

Go to Settings > Wi-Fi
Tap the (i) icon next to the network
Toggle off "Private Wi-Fi Address"

4.2.2 Android

Go to Settings > Network & Internet > Wi-Fi
Tap the connected network
Select "MAC address type"
Choose "Phone MAC"

5. Troubleshooting

If a whitelisted device cannot connect, verify:

MAC address is correctly entered
Device's MAC randomization is disabled
Whitelist feature is enabled
Device is within network range