Wireless Access

 View Only

  • 1.  Blocking android devices

    Posted Aug 09, 2016 03:43 AM

    We've got an PSK SSID that is being used a a basic guest but we've found out that someone has given out the PSK to go knows who and we've found that the're are loads of Android devices now connected to this SSID and our current policy says only Apple devices are allowed to connect.

     

    Apart from changing the PSK is there anyway of blocking Android devices from having access to the network using PEFNG?

     

    Thanks

     

    Jon 



  • 2.  RE: Blocking android devices

    Posted Aug 09, 2016 04:34 AM

    There´s a thing called "User derivation rules" in the controller that you can play around with to for example put certain mac-address-OUIs into a deny all role.  Look it up in the user guide, unfortunately it does require quite a bit of maintenance to add new OUIs as they pop up on the market.

     

    Another way to go would be to user Clearpass as a profiler and mac-auth server to allow only certain types of devices.

     

    Cheers,



  • 3.  RE: Blocking android devices

    Posted Aug 09, 2016 07:16 AM
    @jonchill wrote:

    We've got an PSK SSID that is being used a a basic guest but we've found out that someone has given out the PSK to go knows who and we've found that the're are loads of Android devices now connected to this SSID and our current policy says only Apple devices are allowed to connect.

     

    Apart from changing the PSK is there anyway of blocking Android devices from having access to the network using PEFNG?

     

    Thanks

     

    Jon 

    Please see the dhcp fingerprinting app note here:  http://community.arubanetworks.com/aruba/attachments/aruba/aaa-nac-guest-access-byod/9883/1/AOS-DHCP-FingerPrint-AppNote.pdf



Related Content