https://community.cisco.com/t5/network-access-control/boyd-with-ios/m-p/5365956#M599665 <P>I know your mac randomization is answered but on a separate note, won't recommend doing BYOD, it's not as smooth as it used to be because of all added security, I did it recently for a customer and users had to go through about 20 clicks before they are issued a cert and can connect, back in the day it use to be about 6 clicks.&nbsp;</P> Thu, 29 Jan 2026 03:41:30 GMT Ambuj M 2026-01-29T03:41:30Z https://community.cisco.com/t5/network-access-control/boyd-with-ios/m-p/5365940#M599663 <P>Dear all ,&nbsp;</P><P>i have problem with BOYD with IOS&nbsp;</P><P>i implement BYOD with Dual SSID&nbsp; with mscap not tls (customer need <span class="lia-unicode-emoji" title=":beaming_face_with_smiling_eyes:">😁</span>)and in the authiz policy i put condition the endpoint must be in the group called registered device .</P><P>the problem is when the user try to reg for the guest SSID he regi with mac address than when he redirect to the new SSID he use another mac address that not reg .. i&nbsp; solve this problem by edit the setting of the phone to use off in the mac address ..</P><P>is there any another solution i can make from ISE side ?</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="SaeedAbdElhalimHamada_0-1769649419238.png" style="width: 400px;"><img src="https://community.cisco.com/t5/image/serverpage/image-id/258768i97BE93469ED8DE5A/image-size/medium?v=v2&amp;px=400" role="button" title="SaeedAbdElhalimHamada_0-1769649419238.png" alt="SaeedAbdElhalimHamada_0-1769649419238.png" /></span></P><P>&nbsp;</P> Thu, 29 Jan 2026 01:19:06 GMT https://community.cisco.com/t5/network-access-control/boyd-with-ios/m-p/5365940#M599663 Saeed Abd Elhalim Hamada 2026-01-29T01:19:06Z https://community.cisco.com/t5/network-access-control/boyd-with-ios/m-p/5365951#M599664 <P><A href="https://community.cisco.com/t5/security-knowledge-base/random-mac-address-how-to-deal-with-it-using-ise/ta-p/4049321" target="_blank">https://community.cisco.com/t5/security-knowledge-base/random-mac-address-how-to-deal-with-it-using-ise/ta-p/4049321</A></P> Thu, 29 Jan 2026 02:32:59 GMT https://community.cisco.com/t5/network-access-control/boyd-with-ios/m-p/5365951#M599664 Greg Gibbs 2026-01-29T02:32:59Z https://community.cisco.com/t5/network-access-control/boyd-with-ios/m-p/5365956#M599665 <P>I know your mac randomization is answered but on a separate note, won't recommend doing BYOD, it's not as smooth as it used to be because of all added security, I did it recently for a customer and users had to go through about 20 clicks before they are issued a cert and can connect, back in the day it use to be about 6 clicks.&nbsp;</P> Thu, 29 Jan 2026 03:41:30 GMT https://community.cisco.com/t5/network-access-control/boyd-with-ios/m-p/5365956#M599665 Ambuj M 2026-01-29T03:41:30Z https://community.cisco.com/t5/network-access-control/boyd-with-ios/m-p/5366094#M599670 <P>Exactly this ^ Never attempt BYOD in 2026. OS vendors have (correctly) implemented security controls that essentially make BYOD on modern endpoints a non-starter. Use an MDM instead.</P> Thu, 29 Jan 2026 16:11:06 GMT https://community.cisco.com/t5/network-access-control/boyd-with-ios/m-p/5366094#M599670 ahollifield 2026-01-29T16:11:06Z