Wireless Access

Occasional Contributor II

Deny access to Android device

I have 3600 controller with 40 AP. I would like to deny access to ipad, iphone and android devices.

the os on the controller is 6.3. I have Pef licenses  and Ap licenses.

Plesae share the document for setting up the above requirments


Re: Deny access to Android device

If you don't have clearpass please follow this doc and it will guide you how to implement that on the controller:
Thank you

Victor Fabian
Lead Mobility Architect @WEI

Re: Deny access to Android device

Hey victor, great article thanks for this.


I will extend this even further.


Customer of ours using Android tablets wants these devices to be able to only connect to 1 SSID and not another.

I was thinking of utilizing user rules with the MAC address of the tablet to force a specific user role (which is the post-auth role of SSID 2).



SSID 1 using external CP (Guest access)

SSD 2 using WPA2 PSK for tablets (employees)


Tablets not allowed to connect to SSID 1 but I have to find a way from preventing this.


I'll throw in another curveball, tablets can only go to certain websites, company website only and subdomains of it.

Using a netdestination in the ACL with a deny all for the user role would probably accomplish this.

Pasquale Monardo | Senior Network Solutions Consultant
ACDX #420 | ACMP
[If you found my post helpful, please give kudos!]
Search Airheads
Showing results for 
Search instead for 
Did you mean: