2 factor authentication PSK with Radius problem

  • 3
  • Question
  • Updated 3 years ago
Hi all, I am deploying Aerohive AP230 with VA Hivemanger both in version 6.6r1 and Airwatch 8.0 all of them are the latest version, i cased a problem with two factor authentication.
The SSID setting are WPA2 PSK with captive web portal + user authentication and MDM enrollment. No any firewall policy added.

The situation is:
The mobile client which is turned off data or in airplane mode that associated with the SSID and passed the WPA2 PSK, then web browser will forced user to the captive web portal to do the radius user authentication. But if the user ignored the captive web portal, i mean do not enter anything or do not pass the user authentication. 
The client still can have data traffic such as ping action, google map apps can full access, or youtube app can load the content etc.it's means the two factor authentication are nothing.

i would like know is there any step i can take to add a policy to deny traffic when only at passed WPA2 PSK status or is there any action to add a policy to deny traffic when passed the WPA2 PSK and user authentication status. It was because this still happened when the device do no have enrollment status, also made the MDM enrollment are nothing.
Photo of Fa Chan

Fa Chan

  • 1 Post
  • 0 Reply Likes

Posted 3 years ago

  • 3

There are no replies.