We have implemented BYOD with certificates with ISE 1.1.2. After registering the device and installing the certificates for the devices, a network profile is applied that makes the susequent connections to the same ssid use EAP-TLS.
All works as intended, the single problem is that, in order to access the internet, the user should set his proxy manually.
Is there a way to edit the wifi profiles applied by adding a proxy setting?
When using supplicant provisioning you can only set the wireless connection settings, you can not modify or set any proxy settings with ISE. You will need a separate MDM solution for that to work. You can consider using a transparent proxy which is a separate product i.e the Cisco Web Security Appilance.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...