I have create User Rules as attached screen capture. But those Apple iOS and Android user still get the "Authenticated" role instead of "BYOD_Deny" role. Which iOS and Android device still "Authenticated" role from 802.1x Authentication Default Role.
I already define the User Derivation Rules under "AAA Profile".
Please advise.