04-01-2019 07:32 AM
We have a case where we got employees and students authenticating with a Radius server, but have issues with certificates for the Radius server. We deploy certificate to domain computers with GPO to allow these computers to connect to the network without the user needing to supply credentials.
Our students' computers may connect to the network, however both employee and students smartphones will not communicate with the Radius server due to certificate issues. To connect a smartphone to our network we need to install the same self-signed certificate as deployed with GPO.
We wish to avoid manually installing the certificate, but still authenticate with Active Directory user accounts.
In addition we wish to automatically move mobile devices to a different network/vlan than computers.
Can you please advice on how we can achieve this?
04-01-2019 09:00 PM
There is no way to push a certificate out to client devices via the HiveManager, so you would need to manually install those certs on the client devices if they are required for your Radius authentication. Once that is set up, we can use client classification to move mobile devices to a different VLAN, while using the same SSID.