Wireless Access

We've got an PSK SSID that is being used a a basic guest but we've found out that someone has given out the PSK to go knows who and we've found that the're are loads of Android devices now connected to this SSID and our current policy says only Apple devices are allowed to connect.

Apart from changing the PSK is there anyway of blocking Android devices from having access to the network using PEFNG?

Thanks

Jon 

There´s a thing called "User derivation rules" in the controller that you can play around with to for example put certain mac-address-OUIs into a deny all role.  Look it up in the user guide, unfortunately it does require quite a bit of maintenance to add new OUIs as they pop up on the market.

Another way to go would be to user Clearpass as a profiler and mac-auth server to allow only certain types of devices.

Cheers,

---

@jonchill wrote:

We've got an PSK SSID that is being used a a basic guest but we've found out that someone has given out the PSK to go knows who and we've found that the're are loads of Android devices now connected to this SSID and our current policy says only Apple devices are allowed to connect.

 

Apart from changing the PSK is there anyway of blocking Android devices from having access to the network using PEFNG?

 

Thanks

 

Jon 

---

Please see the dhcp fingerprinting app note here:  http://community.arubanetworks.com/aruba/attachments/aruba/aaa-nac-guest-access-byod/9883/1/AOS-DHCP-FingerPrint-AppNote.pdf