Hoping someone here might have an answer to this. When a client is Onboarded, the MAC address of the device is placed into the SAN field (Certificate:Subject-AltName-DirName-OnboardMACAddress) of the certificate. Is there a way either through a role mapping or through an enforcement policy to verify that the requesting device MAC (Connection:Client-Mac-Address-Colon) is the same MAC that is listed in the SAN?
Yes, you can, however not all iOS devices have the MAC in the cert.
Any hints on how to accomplish this? Never mind, the image was not showing up.
Thats the same configuration I have except it does not work. Do you have any other ideas?
I guess I lied when I said mine was the same. I was using EQUALS, should have been using EQUALS_IGNORE_CASE.
Thanks for your help, working like it should.
© Copyright 2024 Hewlett Packard Enterprise Development LPAll Rights Reserved.