i want to setup a seperate SSID for BYOD registration. This is an open SSID with CWA and then NSP. The only thing i want to implement is to controll that only user in dedicated groups are allowed to onboard a device. I have created two identity groups on ISE "byod" and "vip". Only user in this to groups should be able to join the NSP process.
What authorization policies do i need to implement this ?
