Security

Reply
MVP
Posts: 85
Registered: ‎03-09-2015

CORP SSID redirect for cert carrying/onboarded devices when attempt to associate to GUEST SSID

As per subject,

If a device is carrying organisation certificate or CPPM OnBoard certificate and attempt to associate to a GUEST SSID (where security is less, say on Internet traffic, not behind organisation content filter, etc) can one force them to associate to CORP SSID ?

Aruba
Posts: 1,548
Registered: ‎06-12-2012

Re: CORP SSID redirect for cert carrying/onboarded devices when attempt to associate to GUEST SSID

No. when a device connects to an open SSID they do not present the cert so CPPM would not know if it is a onboard cert, BUT you can add an attribute to the device when its onboarded and when they connect to the guest SSID (Mac Auth) then you can force them to a captive portal stating they are connected to the wrong SSID.

Tim did a great how to a few years ago that is still relevant.

http://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/Guide-Using-ClearPass-to-steer-users-to-secure-networks-mhc/m-p/144823
Thank You,
Troy

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.

--Problem Solved? Click "Accepted Solution" in a post.
MVP
Posts: 85
Registered: ‎03-09-2015

Re: CORP SSID redirect for cert carrying/onboarded devices when attempt to associate to GUEST SSID

Brilliant.. exactly what i'm after.  Thankyou.

Search Airheads
Showing results for 
Search instead for 
Did you mean: