We have differents wifi clients Some of them on Android/Apple phones, others on PC Windows. Wifi is authenticated by NPS and we have a DHCP in wwindows server.
We do not trust phone. We want to put Windows PCs on a network and Phones on other network. Is it possible to distinguish each others? with NPS or with a DHCP options? Thanks.
I have not used Aruba gear for networking in actual enterprise applications (only dabbled on GNS3 and other virtualization platforms), but you might be able to do it with your Aruba WLC or AP's. That is assuming you are using Aruba APs.
I use a Cisco WLC in my current environment and it is able to detect mobile devices and then you should be able to segregate them from there. Again, this is on Cisco and not Aruba but I would venture a guess and say that Aruba has the same functionality.
I found this guide which appears to provide some insight on what you are looking for.
From the guide -
You can move all smartphone/mobile devices based on fingerprinting.
DHCP fingerprinting allows you to identify the OS of the device and then a role can be assigned to the device based on the OS.
Hope this helps.
Thank you FRALEWHALE. I ve been able to do that using NPS For domain computers, i use a network policy which attribute a vlan. http://www.hospitableit.com/howto/wireless-802-1x-for-machine-auth-only-using-nps/ https://blog.naglis.no/?p=3816 https://aventistech.com/2020/03/23/setup-nps-with-eap-tls-for-aruba-wifi/ I've deployed computer certificates and a GPO to pilote WIFI connection.
For all others, there is a new NPS rule, phones have to use users credentials. In the future, we will deploy user certificates on phones and linux. Thanks for help