CommScope RUCKUS Community Forums

marko_markovic_ · ‎05-30-2017

Hi everyone,

I have recently seen this video here: https://www.youtube.com/watch?v=9AUki6_lJPA

So, in short - the guy makes 3 wlans and 3 roles so that each role can connect just to 1 wlan. And then he makes a provisioning hotspot where users authenticate using username and password, and get automatically redirected to their wlan (zero-it activation). Can someone point out to me what are the benefits of this approach compared to not having a provisioning wlan, but instead users connect to their wlan and then autenthicate there using a username/password combination (802.1x using internal database on the controller).

It seems to me that it's just one wlan more (the hotspot) for the same service, but surely I'm wrong.

Thanks

michael_brado · ‎05-31-2017

Hi Marko,

Using 802.1x with userid/pw and assigned roles is great security, your AAA server
can pass back attributes to set lots of things from VLAN to permitted WLANs, etc.

Zero-IT is often used for multiple device access permissions, like your phone and
laptop, onto a WPA2-PSK type WLAN and works well for Education and Hospitality
deployments. One solution is to use a HotSpot WLAN to redirect clients to the Zero-IT
provisioning utility.

irvan_irvan · ‎06-02-2017

This is the powerfull feature. For example you want create ssid for Employee(integrate with Active Directory) & Guest on 1 onboarding portal. The step is create:
1. SSID Employee (integrate with AD or other AAA)
2. SSID Guest (Voucher or Selfservice)
3. SSID Onboarding Portal

With Zero-IT, client connect to the SSID Onboarding portal and choose "Register Device"(Employee) or "Guest Access"(Guest) . The result is Client will automatically redirect to ssid Employee/Guest

CommScope RUCKUS Community Forums

why byod provisioning