Support Required for MAC-Based Authentication with 6,500 MAC Entries

Md_Anwar_Hossain · January 29, 2026, 2:55pm

Hello Cambium Enterprise Wi-Fi Expert,

We require MAC-based authentication, in which only the listed MAC addresses are allowed to end device association with the SSID.

To achieve this, we tested two different configuration methods:

1. Association ACL method:
We added MAC addresses under Association ACL and also under WLANs > Access Control > MAC Authentication > cnMaestro.
However, this method is not fulfilling the requirement, as clients are still able to associate even when the MAC address is marked as blocked in the Association ACL.

2. MAC Authentication (Allow list) method:
We added MAC addresses under WLANs > Access Control > MAC Authentication > Allow.
This method is working correctly and fully meets the customer’s requirement.

The challenge with method 2 is that the maximum supported limit is 1,000 MAC entries,

We requires 6,500 MAC entries.

Could you please advise how we can implement MAC Authentication (method 2) for 6,500 MAC addresses?

Regards

Anwar Hossain

CAM_TSK · January 29, 2026, 3:56pm

@Md_Anwar_Hossain
Please confirm if allowed MAC address are same across all APs.

If yes, please use cnMaestro based ACL.

Enabled in WLAN

image2041×828 53.9 KB
Configure in cnMaestro

Md_Anwar_Hossain · January 29, 2026, 4:31pm

MAC addresses are the same across all APs. but for a different SSID

CAM_TSK · February 3, 2026, 5:00pm

Hope MACs are unique per SSID.

SSID 1
- MAC 1
- MAC 2
SSID 2
- MAC 3
- MAC 4
  If yes, you can use cnMaestro based ACL.