Hi,
I have an Instant AP 205 as NAD and ClearPass as the RADIUS server. I have created a WLAN with 802.1X PEAP authentication. When I connect my domain PC, it connects and everything works fine.
The problem is when I connect a non-domain laptop or mobile phone to the same PEAP-WLAN, they are also able to connect. I want only domain laptops to connect to the WLAN.
Is there a way to enforce that only machine-authenticated devices can go on to user authentication and connect to the WLAN?
When I connect my mobile, what is happening is it is connecting through User authentication, so if I log in with a domain username and password it is connecting.
Is there a way to restrict it so that only domain PCs can connect to the network on an 802.1X PEAP-enabled WLAN using ClearPass and IAP?
I have already enabled enforce machine authentication on IAP but it didn't work.
I am attaching relevant screenshots below. I am primarily from a Cisco background, and in Cisco ISE policy sets we could set that only a machine-authenticated device can go to the next step. Is there something similar in ClearPass?
Kindly help me identify where I made the mistake.
Thank You.