01-29-2015 08:06 AM
ONBOARD USING DUAL SSID
This topic is about Device onboard using two SSID.
SSID used here
- BYOD-A [Open network ]
- BYOD-B [Secured with WPA2-AES]
- Log in to the CPPM and go to Home » Onboard + Work
space » Onboard/MDM Configuration » Network Settin gs
Put the name of the 2nd ssid & select ‘automatical
- Now go to next tab and configure as per your requi
- Open the windows tab
- Follow this path Home » Onboard + Workspace » Depl
oyment and Provisioning » Provisioning Settings
Careful about page name, because this name will be
In here it is device provisioning, so the redirect
- Go to Home » Onboard + Workspace » Deployment and
Provisioning » Configuration Profiles and choose y ou Provisioning profile.
- Open Configuration » Enforcement » Profiles » Here I’ll configure one enforcement profile.
- Now go to Configuration » Enforcement » Policies »
to configure an enforcement policy & configure tw o authentication method, PAP & EAP-TLS.
- Switch to Configuration » Identity » Local Users a
nd assign the same role as assign in policy.
- Open Configuration » Services » and configure a s
- Here I added two SSID in service , so that the 2nd
service is not required.
- Check the configuration of rest of the service
- Here I’m using only two authentication method beca
use 1st time due to captive portal user will use P AP, & in meantime when using quickconnect app it’l l complete another authentication using PAP, after that it will use EAP-TLS to complete onboarding.
- Now log in to controller to configure WLAN profile
At first I’ll connect to BYOD-A [open network]. Yo
Here it’s showing me warning that, you may attempt
NOTE: This tutorial may have some flaws.
There are probably alternative or better ways of achieving this.
Solved! Go to Solution.
05-15-2017 07:48 AM
How would you do this using Instant? I followed all the steps for CPPM and created 2 SSID on my IAP. I'm struggling with the roles I need to assign on the IAP for the different SSID.
Is it correct to assume my guest SSID has a pre-auth role of guest_logon and default role of guest and my secure SSID just has an authenticated role?
05-15-2017 07:54 AM
* When the user connects to the Guest SSID it will redirected to the Guest Captive portal page (Pre-Auth role)
* You will need to place a link in the Guest Captive Portal page for users to reach the onboarding page
* The user will go through the onboarding process (Will be using the onboarding services)
* once completed the user will have configured the EAP-TLS SSID and should hit the 802.1x service and during this process you can return a user-role back to the VC
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
05-15-2017 07:55 AM