none
Wireless Policy

    General discussion

  • Hello There,

    If you want to make a group policy for the wireless SSID's in your network, you have to put all the SSID's in a Profile. However, this is not a secure procedure, because you can have your mobile hotpot name the same name of the restricted SSID you put in the group policy.

    I wonder why Microsoft did not think about putting the allowed MAC Addresses of the AP's I want instead of only allowed SSID's.

    Thank you.

    Abed Jaber

    Sr. Technical Support

    Mobile:  +(962) 787 20 4610

    Sunday, March 08, 2015 8:45 AM

All replies

  • I don't think it's possible to restrict wireless networks based on BSSID, but you can deny achoc and allow infrastructure networks. 

    If you have Lenovo computers you can use Access Connections to control wireless settings which will let you specify preferred AP MAC address.

    If you are using WPA Enterprise you can configure the computer to only authenticate to RADIUS with a trusted certificate.

    Sunday, March 08, 2015 10:26 AM
  • > I wonder why Microsoft did not think about putting the allowed MAC
    > Addresses of the AP's I want instead of only allowed SSID's.
     
    Because MAC addresses can be spoofed as easily as SSIDs.
     

    Martin

    Mal ein GUTES Buch über GPOs lesen?

    NO THEY ARE NOT EVIL, if you know what you are doing: Good or bad GPOs?
    And if IT bothers me - coke bottle design refreshment :))
    Sunday, March 08, 2015 12:04 PM
  • You can restrict access to certin BSSID than others, the restricted BSSID's will show a red cross mark next to them and they will be disabled.
    Monday, March 09, 2015 1:57 PM
  • Okay, but normal users will not know the allowed MACs' from the restricted MAC's, but they can know the allowed BSSID's from the restricted ones.

    Thanks for reply.

    Abed

    Monday, March 09, 2015 1:58 PM