Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
558
Views
5
Helpful
1
Replies

Changing SSID for a client based on device ownership

dashaffe
Level 4
Level 4

‎11-10-2017 12:22 PM - edited ‎02-21-2020 10:38 AM

We are using ISE 2.1

 

I would like to create a new SSID called employee.  When the employee authenticates, if we have identified that the device that the employee is using is owned by the company, we want to continue the authentication process and connect the user to the internal network.

 

If the employee is using a personal device, we want to detach them from the employee SSID and reauthenticate them to a different SSID connected to network which provides internet access, but is "outside" of the organization in terms of traffic flow.

 

I'm pretty sure ISE is capable of doing this, but I am not sure what the feature is I am looking for or how to configure.  If anyone has an example config they can share that would be great!

 

Can anyone offer any insight?

 

Thanks.

 

Dave

Labels:
0 Helpful
1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

‎11-11-2017 05:26 AM

Sure that is a common use case. You would do something like is described in this thread:

 

https://communities.cisco.com/message/250278#250278

 

Your Authorization result would be to assign the session to the appropriate WLAN ID. Something like this:

 

AuthZ result for WLAN-ID.PNG

 

Customers Also Viewed These Support Documents