Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
334
Views
15
Helpful
4
Replies

WLAN Profile Config on Endhost

Prasan Venky
Level 3
Level 3

ā€Ž02-10-2014 09:16 PM - edited ā€Ž07-05-2021 12:08 AM

Hi All,

If we want to use SSID with WPA2 security (802.1x) for example, my understanding is we have to create WLAN profile in each and every user's laptop.

But it is not possible to do in a big organization. So is there any possibility to automate that..? Self provisioning ..?

Thanks in advance

Labels:
0 Helpful
4 Replies 4

Victor Vasantha Kumar
Level 1
Level 1

ā€Ž02-10-2014 10:20 PM

Hi Prasan,

Yes, the wireless settings on every laptop needs to be configured.

To make this easy, from the Active Directory you can push a GP update.

This is used to configure the wireless settings on the laptop.

( Ex : Authntication type, Encryption type , Certificate Validation )

Please refer :

http://technet.microsoft.com/en-us/magazine/gg266419.aspx

Ease of management is one advantage. The main benefit through the Group Policy update, the administrator can have a better control over the wireless network. The options for the end user will be pre-configured and grayed out. The end user cannot edit the settings.

You can alos defive preferred networks and deploy certificates using a Group Policy.

Thanks

Victor

<>>

Regards Victor V *****Help out other by using the rating system and marking answered questions as *****Answered"*****

vijay kumar
Level 2
Level 2
In response to Victor Vasantha Kumar

ā€Ž02-10-2014 11:03 PM

Hi Victor ,

What you have suggested is only for windows clients . In few case , What if my users bring their own laptops having OS part from windows . Is there an option to push GPO for non windows clients also ? Or Is it possible to do from ISE through self provisiong of WLAN configuation ...

Thanks ,

Vijay

0 Helpful

Sandeep Choudhary
VIP Alumni
VIP Alumni
In response to vijay kumar

ā€Ž02-10-2014 11:20 PM

HI Vijay,

You can only push the WLAN profile to domain PC via GPO.

But via NEtsh tool you can  you can push wlan priofile to non domain....:

Check here:

http://www.commsolutions.com/blog/articles/two-ways-to-push-wlan-profiles-to-your-windows-devices/

Hoipe it helps.

Reagrds

Dont forget to rate helpful posts

Scott Fella
Hall of Fame
Hall of Fame
In response to vijay kumar

ā€Ž02-11-2014 04:57 AM

Self registration is the way to go with ISE. You need to define your security policies better. You need to have one that profiles your company owned assets and non company owned assets. If users being in their own devices, you really trusting them that they don't have any viruses or malware? Many organizations will have these devices go onto the guest network. You can't push any profile using 802.1x to end devices because they don't have credentials unless your going to allow them to login with their own AD credentials on a non company owned machine. Apple machines it's a manual process, windows you can import but you have to build a profile for xp, win 7 and win 8 and explain how to upload it.

Self registration is your best option here.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card