cancel
Showing results for 
Search instead for 
Did you mean: 

restrict device type connecting to wireless

restrict device type connecting to wireless

Renne_Stuart
New Contributor
Is there a way of restricting the type of device that is allowed to connect to an SSID? One of our customers has an SSID that is enabled for Radius authentication and unless you have a laptop that is part of the domain it will not be allowed to connect, which is what they want. However the exception to this is if a user has a mobile device such as an android or apple device they are able to download a certificate once they authenticate with their domain credentials and connect. Is there a way of stopping the mobile devices connecting?

Customer comments below:
From what I can tell with the wifi, is that - with or without a Radius policy (if its not a domain joined laptop) you can’t seem to logon with staff or student credentials which is fine. However with Andrio\IOS tested on ipad and phone, you can log onto "staff_SSID" with staff or student credentials and also, even before you get to smoothwall to sign in, Apps will update such as Facebook.

Ideally Id like to lock down the Staff to work effectively without mobile and apple devices being able to connect.

Ipad asks to trust the school DC Cert and then lets you in. Android lets you straight in.

They currently have a v9 wireless controller without NAC.

11 REPLIES 11

Karthik1
New Contributor II
NAC BYOD would be the best solution. But what I would like to check is, anybody here done DHCP fingerprinting before?

-Karthik.

Doug
Extreme Employee
We recommend it and deploy it all the time Karthik, did you have any questions on it?
Doug Hyde
Director, Technical Support / Extreme Networks

Ronald_Dvorak
Honored Contributor
Could you please tell what kind of EAP authentication is used..... PEAP or TLS (username/password or client certificates).

- connect to the staff SSID with student credentials
That sounds like something is not configured correctly as I don't think that a student account should be able to connect to the staff SSID.

-Ron

I'm not sure Ron, ill check and get back to you.
GTM-P2G8KFN