Security

Hi Forum,

2 SSID's TLS and open. What would be the best way to enroll (register) a BYOD device from the secure SSID so I can connect it to the open SSID and get the onboarding workflow.

So employee on the TLS connected device can enroll 1 device on the open SSID. I hope I'm making sense.

 

Thanks,

I'm not sure I'm following. 

 

A standard dual SSID onboard would have a link at the bottom of the open captive portal with a link to the Onboard enrollment workflow.

With dual, employee would have to provide AD credentials on the captive portal. I want to do this without AD but for devices that are pre registered.

The Onboard workflow will always require some type of authentication whether
it be a ClearPass web login, SAML/SSO, or OAuth2.

Thank you for the clarification.

On that note Tim.. On a single SSID solution - how to get single sign-on working for the onboarding workflow using the authentication session from the .1x?

You can use Aruba Auto Sign-On with the caveat that you won't be able to do manual enrollment.