Wireless Access

I have the need to allow Amazon Echo devices to use guest wireless which is a Captive Portal, onto the Guest wireless without using the Captive Portal, is this possible? Has anyone accomplished this?

You could enable MAC Authentication on Guest Wireless. Then devices connecting with try and MAC-Auth first, and then perform Captive Portal.

If you are using ClearPass, you can create a new service to process MAC Authentications coming from the same SSID, and you can either use a static host list, or use the Guest Device Repository to provision the devices.

So in either of those scenarios I would need to know the mac addresses? or do you know if there is a way to profile echo devices.

ClearPass has a profiling capability within a service, that may be able to distinguish Echo's from other devices. I would connect an Echo and take a look at how it is profiled. I would also look at the Access Tracker details for the Echo to see if there are attributes that would allow you to distinguish them from other devices. If you are able to profile them, or find something unique about them, then you can use those attributes or fingerprint as logic in the enforcement policy that would result in a unique enforcement profile for the Echo devices.

I hope this helps,

I just found this in the fingerprint database on a ClearPass 6.8.4.120034 server.

I hope this helps,

So adding that as an additional authentication source is all I would do?

If you are validating each MAC address individually, you would use MAC authentication, if you are fingerprinting and using profiling, then you would enable profiling and authorization in the service and do authorization based on the fingerprint. I don't have any specific examples to show you but you should be able to find something online or maybe someone else has one that they can share with you.

I hope this helps,