Security

I need to understand how to deploy onboard with Cisco WLC on single secure SSID and also how to diffrentiate between corporate devices and non corperate devices.

What type of devices are you trying to Onboard?

Are you using an MDM solution today?

Windowos 7,8,10 and MAC OS,IOS and Android

no MDM solution

How are you managing corporate assets?

You have a couple of options:

- If you are planning to just onboard BYOD (non-corporate devices) then you need to know what devices are considered corporate (using an MDM solution allows you to identify what's consider non-corporate vs corporate and makes things easier for you since there's no manual process )

- If you only have Windows domain devices as your corporate devices those are easy to identify because those perform machine authentication and you can use that in your enforcement policy to prevent those devices to get onboarded .

- If you have other non-domain devices as corporate devices and you don't have an MDM solution then you need to collect the mac addresses and use that as an authorization mechanism to bypass the onboarding process

The mac addresses can be imported to ClearPass Guest Device Repository or the Static Host List

To answer the first part of your question, please check the Aruba Solution Exchange solution: Cisco WLC Single SSID Onboard, to get started with the configuration.

dears I tried follwoing the same as ASE but no redirection happened and also it gave direct internet access

hi

 

Have you managed to get this working? i am sitting with the same issue.