Security

Reply
Highlighted
New Contributor

Multi-factor authentication

We have a group of iPads that need to be restricted to a single SSID.  From what I have been able to research the only way is to exclude them by MAC address from all other SSIDs.  How do I do this?

Highlighted
Moderator

Re: Multi-factor authentication

What authentication method are your SSIDs using?

What type of radius server are you using?


If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

Highlighted
New Contributor

Re: Multi-factor authentication

We use several different methods.  Our "Secure" SSID requires that the computer be in Active Directory.  We have an alternate "Secure" SSID that uses a pre-shared key.  Our "Guest" SSID requires that the user acknowledge the acceptable use policy on a spalsh screen.  Our "Student" SSID uses a pre-shared key.  We are trying to restrict the iPads to the "Student" SSID.

Highlighted
Moderator

Re: Multi-factor authentication

Create a User-Derivation rule that references those MAC addresses and puts the user in the denyall role. This will stop them from receiving an IP address thus stopping them from entering the user table. Then in your AAA profiles for the guest and secure networks, select the UDR.

 

udr-denyall.PNG

 

udr-no-tablets.png



If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: