Security

Reply
New Contributor
Posts: 2
Registered: ‎08-15-2014

Multi-factor authentication

We have a group of iPads that need to be restricted to a single SSID.  From what I have been able to research the only way is to exclude them by MAC address from all other SSIDs.  How do I do this?

Guru Elite
Posts: 8,458
Registered: ‎09-08-2010

Re: Multi-factor authentication

What authentication method are your SSIDs using?

What type of radius server are you using?

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
New Contributor
Posts: 2
Registered: ‎08-15-2014

Re: Multi-factor authentication

We use several different methods.  Our "Secure" SSID requires that the computer be in Active Directory.  We have an alternate "Secure" SSID that uses a pre-shared key.  Our "Guest" SSID requires that the user acknowledge the acceptable use policy on a spalsh screen.  Our "Student" SSID uses a pre-shared key.  We are trying to restrict the iPads to the "Student" SSID.

Guru Elite
Posts: 8,458
Registered: ‎09-08-2010

Re: Multi-factor authentication

[ Edited ]

Create a User-Derivation rule that references those MAC addresses and puts the user in the denyall role. This will stop them from receiving an IP address thus stopping them from entering the user table. Then in your AAA profiles for the guest and secure networks, select the UDR.

 

udr-denyall.PNG

 

udr-no-tablets.png


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Search Airheads
Showing results for 
Search instead for 
Did you mean: