09-06-2018 01:06 PM
I am new to ISE and have been reading up on profiling and posturing. I am wanting to come up with a configuration where ISE blocks certain mobile devices from getting network access. IE Apple or android. Would it be best to use profiling to identify the endpoint and apply a policy or use some sort of posturing configuration? Thoughts...
Solved! Go to Solution.
09-06-2018 04:37 PM
09-06-2018 02:07 PM
What are they trying to access the corporate SSID? If so, I am guessing you are allowing PEAP Domain User authentication to your corporate SSID. While you can block devices from connecting based on profiling the correct solution is to stop allowing PEAP Domain User authentication. Typically, we only want to allow corporate devices onto the secure SSID and look to PEAP Computer or EAP-TLS to solve this challenge.
09-06-2018 03:44 PM
09-06-2018 03:59 PM
09-06-2018 04:37 PM
09-06-2018 05:01 PM
09-06-2018 05:18 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide