Re: Cisco ISE BYOD wired profile

ipagliani · ‎05-29-2018

Ciao,

Does anyone has implemented BYOD using a wired profile ?

I configured ISE 2.2 p8 with the wireless profile that works, but I can not find any changes on the windows wired 802.1x supplicant.

Any ideas?

Thanks.

hslai · ‎06-02-2018

This depends on client wired configurations before and after.

For example, if before has nothing configured on the wired interface for .1X , then after will find Wired AutoConfig service is running with startup type automatic, and the interface properties show a tab for authentication.

ipagliani · ‎06-03-2018

Ciao,

it means that if the client has already been configured for 802.1x the profile doesn't work ?

hslai · ‎06-03-2018

Similar to Single-SSID wireless BYOD, it's possible for a wired client to start off with a password-based authentication.

Manual configuring the wired DOT1X on Windows client OS is a somewhat tedious task (see Configuring 802.1X Wired Authentication on a Windows 7 Client - Cisco Meraki) so it's easier to have the endpoint not configured at first. Also, if configuring it manually at first, we are not taking as many benefits in using ISE BYOD, that automate the process.

ipagliani · ‎06-03-2018

Ciao,

an thanks but my problem is a little be different.

As I wrote I don't see any change in wired config after BYOD procedures. For Wireless it works.

The clients used are clients where already have dot1x configured. I've just removed manually the config (stop services and unckeck box).

P.S: I'm using EAP-TLS for both wired e wireless with machine authentication.