#1 With mac address filtering there are the following problems/issues:
a) Regardless of the type of encryption (Wireless encryption types include WEP, WPA, WPA2) mac address(es) are always sent in the clear!
b) Not only it is possible to spoof/clone a mac address in a NAT router..
For example as noted as shown at »
ui.linksys.com/files/WRT ··· nMAC.htm..it is also possible to spoof/clone the mac address on a computer!
c) If an attacker user does not know how to spoof/clone a mac address without encryption: While they can not use your network, they can see what you are doing!
#2 So just use the highest level of wireless encryption that all of your gear supports.