Block all traffic originating from a MAC address

[markuhde]

Hello, I'm using some cheap AP's that don't have a client block list by MAC address - plus I don't want to have to enter a user in every single AP. I have one rogue AP - it's a Netgear WN2000RPT repeater and I'm trying to figure out how to block all traffic from it. I blocked them from the AP they were connecting to, but now they're connected to a more distant AP and actually just causing MORE of a problem. I need to figure out a way to block not just that MAC from connecting to the Internet (that's done by giving it a static DHCP and a firewall rule to block) but all MAC addresses it repeats... any possibilities there?

[Metu69salemi]

Wireless Lan Controller is one method, another one would be regular site surveys and remove all roques manually.
In addition better control of LAN side would be one, like disabling unneeded switch ports.§

[markuhde]

Yes a controller based LAN would be ideal. This is already setup and was done on the cheap. Next cheap setup will be UniFi probably but I needed the range of the EnGenius product. They're working great but ugh. This is a campground and yeah I'll just hunt the guy down but still I'd rather BLOCK him to avoid the confrontation but I just can't. Oh well, cest la vie.