Welcome to BYOD.
We're using ISE for this as well.
Regards,
Jay McMickle- 2x CCIE #35355 (R/S,Sec)
Sent from my iPhone 5
On Jun 19, 2013, at 6:13 AM, Thomas Perrier <thomas_at_perrier.name> wrote:
> On Wed, Jun 19, 2013 at 11:41 AM, Vibeesh S <vibselva_at_gmail.com> wrote:
>> I am not an expert on WLANS.
>> We have a network with 5508 WLC and cisco 12xx AP.
>> WE are using cisco ACS with aironet authentication.
>> All laptops should have a certifcate installed to acces the network and we
>> need to key in our LDAP username password to gain access to the network.
>>
>> Unfortunately all android and iphones gain access to the network withouth
>> the certificate. Any bright ideas on how to block to this.
>
> Two options are:
> - switch to EAP-TLS (you're probably using PEAP right now): clients
> are required to have a device certificate, which the random mobile
> phone won't have.
> - install ISE, which can identify and classify devices
>
> -Thomas
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Wed Jun 19 2013 - 07:52:49 ART
This archive was generated by hypermail 2.2.0 : Mon Jul 01 2013 - 06:58:42 ART