12-08-2018 03:12 AM
Hello Cisco expert team,
I have built one WiFi test lab set-up with dual SSID to test smart phones on boarding , registration, certificate provisioning etc.
I am using two Cisco ISE ( as Admin, MnT and other one as PSN ) on version 2.3, patch 5 with EAP-TLS based authentication.
1st SSID - MAB based authentication for Authenticatio, Registration and cert download
2nd SSID- Dot1x based authentication for Phones registered on 1st SSID.
Now we want to change test lab Dual SSID BYOD set-up from EAP-TLS based process to PEAP and email based authentication where users do not have to to download certificates so that even Android 9 version phone can register too.
Please advise if there any guide pdf available to explain the flow how to make this change .
Solved! Go to Solution.
12-08-2018 04:42 AM
12-08-2018 03:28 AM
12-09-2018 04:06 AM - edited 12-09-2018 04:11 AM
Hi Surendra,
At present, Test lab ISE set-up is integrated with AD/LDAP for providing byod wi-fi services for end user.
We need to move it from AD/LDAP based authentication to email based authentication where user will register their phone using mail id and OTP pasword
EAP-TLS based authentication has following two problem
Android 9 phone mobile registration not working on current ISE infra with version 2.3, patch 5
Dependency on 3rd party SSL certificate to be used for Mobile registration
12-08-2018 04:42 AM
12-09-2018 04:04 AM - edited 12-09-2018 04:16 AM
Hi Jason,
Test lab ise set-up is on version 2.3 patch 5 on which Android 9 version are not supported for wi-fi byod.
Do you have any link which give work around suggests steps with snapshot on how to register Android 9 phones..?
Thanks for providing solutions.
12-09-2018 04:07 AM
12-09-2018 04:52 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide