I have help my customer create a User-Derived Role to deny the smartphone and tablet access the "Office SSID", which is based on OS DHCPfingerprint. But now my customer want to allow few tablet user access to "Office SSID". I did try to create a policy to allow few tablet user allow to access "Office SSID" based on the device IP address, but have some problem:
1. Cannot straightaway connect to "Office SSID", need to connect to "Guest SSID" first then disconnect it and connect back to"Office
SSID" it work fine. "Guest SSID" authentication use WPA2 and "Office SSID" use 802.1x. (At Building A)
2. If user move to "Building B" the tablet user not able to access "Office SSID, because "Building B" doesn't have "Guest SSID" cause
office policy not allow.
Is there any other way to allow few tablet user (Android OS) to access "Office SSID" but still deny access for all other tablet user?
Please advise