Hello!
I'm trying to provide a seamless Wi-Fi connection to our corporate Mac's. Currently to connect them to corp Wi-Fi network we have to create dummy AD accounts. I would like to remove this requirement and instead have them join based solely on the fact that they have the internal certificate from our CA (this is pushed via JAMF).
Currently we have a policy set in ISE for 802.1x - in the Authentication Policy we have a rule which has a condition of EAP-TLS which then links to a Certificate Authentication profile which specifies AD as the Identity store. This works perfectly for our Windows AD clients.
Is there a way I can add a new Authentication Policy into this Policy Set which will catch the Mac OSX devices, check the cert is valid and then permit access? If not, how would it be done alongside the Windows devices?
We have ISE 3.1.0.518 Patch 5
Thanks
Ad
