03-30-2015 03:04 AM
We're trying to integrate our MDM solution with our existing ClearPass-authenticated wireless environment. The idea is that when any device connects to our SSID, if it is not MDM-enabled (as identified by ClearPass), it is given a user role which forces redirection to a captive portal where it can be enrolled with the MDM solution.
The complication is that our wireless VLANs are not configured locally on the controller, but on the switches. I understand that the (captive portal) VLAN where devices can enroll should be configured locally on the controller. However, for devices that are enrolled, we wish them to go straight to a VLAN that is not configured on the controller. Is this possible?
03-30-2015 04:45 AM
The VAP is configured in split tunnel mode already. My question is whether I can achieve this captive portal user role for non-MDM-enrolled devices without having the VLANs configured on the controllers? The reason I ask is that each of our remote locations uses the same VLAN ID, but has different subnets as defined on the local switches.
I should point out that I'm not using the captive portal for authentication, but for redirection to the MDM enrollment page.