05-09-2022 12:17 PM
Hello team,
Hope everyone is well.
I want to ignore mobile phones like Android and Iphone from posture and i want to know the best way to perform this.
Actually, i have one SSID (eap-tls) to validate the certificate of my employees notebooks and im checking a few rules with posture module... I want to connect a few phone devices to this same ssid and i want to know the best method for this devices not trigger the "Unkwnows" status in posture. Any tips?
Attached are my 'Policy Sets' and 'Client Provisioning'.
Thanks!!
05-09-2022 01:38 PM
Hi @LKL4 ,
try the following:
1st at Work Centers > Profiler > Profiling Policies, check if the Android and Apple-iPhone policies are enabled.
2nd at Policy > Policy Sets > Authorization Policy, create the following Condition (as an example):
a. (EndPoints.EndPointPolicy Not Equals Apple-Device:Apple-iPhone OR EndPoints.EndPointPolicy Not Equals Android) AND Session.PostureStatus Equals Compliant
b. (EndPoints.EndPointPolicy Not Equals Apple-Device:Apple-iPhone OR EndPoints.EndPointPolicy Not Equals Android) AND Session.PostureStatus Equals Unknown
Hope this helps !!!
05-12-2022 05:39 AM
Hello @Marcelo Morais
Thanks for the support. I will test these rules n my lab.
If i need to add more devices than android/apple in this network with posture, what would you recommend? maybe a new network is needed for non-postured devices?
05-12-2022 12:57 PM
05-09-2022 03:15 PM
Random MAC address renders this null and void.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide