I created thsi topic as there is no actual documentation for this or at least not that i find... and well any ideas are welcome! to make it work better and also example of usage....Maybe we can all work toguether to make it work :)
Anyways
I got a trial for 30 days and i was able to make it work.... but im sure that not the best practice....
What i did was creating a captive portal and a redirection to the internal webserver... after you succesful log in with the captive portal you get in a role in which you just can see that webserver through an specific port and thats it.
And well it works but i dont think this is how we should deploy this....
I cant find documentation of this.... anywhere....
Id ont know if someone got a better idea on how to deploy this in a way that is easier to the client?
At this point, this is how im working(im just testing not production network) and i find it useful not too much in the corporates(unless you introduce health checkers). But it seems to be useful for university and schools for a more secure network using WPA2 enterprise with EAP PEAP. Instead of using WPA PSK2... this is cheaper than buying the whole BYOD solution i think.
Anyways this is how it works for now for me:
User Side
1-Client will need to connect to an open Wireless network which is named quickconnect
2-Student log in there and he will get a captive portal page, which it will redirect him to the clearpassquickconnnect
3-He download the program
4-he configure it with the assistant, IT department will need to give him a user and password.
5-He provide the user and pass to the program, the thing autoconfigure and voila he is able to connect to the network without being ina domamin.
IT Side after the QuickConnect is configured
1-For each new student he will need to add a user in the active directory(i think its preferred having a separate DC for this)
2-Provide that user and pass to the student.
2-Well thats all he needs to do....
Advantage i see for the IT department
1-More secured Network
2-Less work to do, as he just need to provide a user and password, he does not need to touch students windows, android neither mac laptops or ipads.....
Anyways feedbacks are welcome and if someone is having trouble setting up the webserver for this you can post a message here i can help with that, at least...
Cheers
Carlos