03-10-2014 11:15 AM
I have CPPM- Cisco WLC setup as mentioned ;
One Guest SSID for auto-registration
One Onboarding SSID
Requirement : Restrict onboarded device from connecting to Guest SSID. ( Guest SSId has open internet and Onboard has restricted)
Guest and onboard are using same authorization service. How to separate these services as if I create two different services both guest and onboard goes through first service only.
when we select Onboard Repository as authorization source it does not give option like if device is present/not present in Onboard Rep for any enforcement.
03-10-2014 11:20 AM - edited 03-10-2014 11:23 AM
Take a look at this post. You can follow some of the same logic except instead of using the custom attribute, try using:
In theory you could check for any of the generic onboard attributes with the EXISTS check.
Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP