Can anyone tell me if it is possible to restrict wireless devices network access based on their OS version? I am building a wireless ISE deployment that will service iOS devices and Android using CWA and the guest portal and I'd like to prevent devices of older OS version from access, for example, only allow iOS version 5 and up, and Android OS version 4 and up to connect to the wireless network.
I am pretty sure it would be done as a profile condition, but I am just not sure how to configure the condition.
There might be a way to look at the http string that is sent at times they ios version is embedded but I havent had a chance to verify if it accuratley reflects the version or not. If you take some captures (safe) or trust a website (can search google for "whats my user agent" that will tell you what your user agent is, you can set those as profiling conditions and then policies and reference those in your authorization policies.
I just went online and check my user agent and it says Android 4.2.2 and verfied that my OS version is 4.2.2.
Thanks for the prompt response. I had figured that the user agent would be the go. When I look at the configuration for the profile condition for the user agent string, when you select the operator to use, there are 5 options:
I am assuming that I would use the GREATTHAN operator. I am going to test this in a few hours so I will report back the outcome.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :