On Wed, Jun 19, 2013 at 11:41 AM, Vibeesh S <vibselva_at_gmail.com> wrote:
> I am not an expert on WLANS.
> We have a network with 5508 WLC and cisco 12xx AP.
> WE are using cisco ACS with aironet authentication.
> All laptops should have a certifcate installed to acces the network and we
> need to key in our LDAP username password to gain access to the network.
>
> Unfortunately all android and iphones gain access to the network withouth
> the certificate. Any bright ideas on how to block to this.
Two options are:
- switch to EAP-TLS (you're probably using PEAP right now): clients
are required to have a device certificate, which the random mobile
phone won't have.
- install ISE, which can identify and classify devices
-Thomas
Blogs and organic groups at http://www.ccie.net
Received on Wed Jun 19 2013 - 13:13:34 ART
This archive was generated by hypermail 2.2.0 : Mon Jul 01 2013 - 06:58:42 ART