We're trying to integrate our MDM solution with our existing ClearPass-authenticated wireless environment. The idea is that when any device connects to our SSID, if it is not MDM-enabled (as identified by ClearPass), it is given a user role which forces redirection to a captive portal where it can be enrolled with the MDM solution.
The complication is that our wireless VLANs are not configured locally on the controller, but on the switches. I understand that the (captive portal) VLAN where devices can enroll, should be configured locally on the controller. However, for devices that are enrolled, we wish them to go straight to a VLAN that is not configured on the controller. Is this possible?