We have no specific role outside of our regular roles. We do have to
configure the Agent Login setting for the operating systems as to not
require the use of the Agent. There isn't anything specific we do to
catch the MAC address, but rather rely on NAC to do it.
After a user logs in on their device are you able to view them in the
Certified Devices list?
Also, we are currently running 4.7.2.
Dan
On 3/17/2011 8:41 AM, Don Click wrote:
I have 2 quick follow up questions then --
1.Did you have to create a user role for this?
2.How did you catch the MAC address? When my users are logged in, I
don't see any of the users with the iphone/ipad in my reports or
active users.
The biggest issue I have is that when these users connect via VPN over
3G -- I cant find the MAC address to exclude/certify them.
*From:*Cisco Clean Access Users and Administrators
[mailto:[email protected]] *On Behalf Of *Dan Taube
*Sent:* Thursday, March 17, 2011 8:15 AM
*To:* [email protected]
*Subject:* Re: iPhones/iPads
We exempt certified devices for the MAC_ALL operating system once they
have successfully logged in once in the semester. The option is
located under Clean Access -> General Setup -> Web Login and named
"Exempt certified devices from web login requirement by adding to MAC
filters."
We also do this for WINDOWS_ALL and and LINUX (Android devices).
Dan Taube
University Computer Help Desk
Illinois State University
On 3/17/2011 7:54 AM, Don Click wrote:
How do you guys handle these devices?
I have a couple of user pages set to check the OS via the Web Client,
and that seems to work, but I have been asked if there is a way to
"bypass" that -- essentially exempting the iphone/ipad and letting
them in.
Now, this is for in-band only over a VPN connection, as I don't
currently have out-of-band setup.
Thanks.
Don Click
Senior Infrastructure Manager
Department of Technology Services
Denton County, Texas
Office: (940) 349-3020
