cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

751
Views
0
Helpful
1
Replies
ajc
Rising star
Rising star

About Android 11 connecting to PEAP SSID but "do not validate certificate" option eliminated

Hi all,

 

I have an non elegant solution in mind for this issue on BYOD Android devices running version 11 and unable to select the "do not validate certificate". I understand this improvement on the version adds more security to the enduser connection but implementing a solution that can be easily managed by a non technical enduser does not look that simple.

 

We have our own PKI signed cert for EAP on ISE 2.7 and changing it to a public CA one (like entrust) is not an option for BYOD because open the door to another private SSID/Subnet using EAP-TLS.

 

Wondering if there is anything like Onboarding on ISE that we could use to overcome this issue on BYOD devices. I am still exploring options.

 

thanks in advance.

1 REPLY 1
ajc
Rising star
Rising star

There is another post about the same subject. Following that one.

Content for Community-Ad