Showing results for 
Search instead for 
Did you mean: 

Using hotspot services on an open SSID to provision mobile devices.

New Contributor III

We have a client who want to deploy AirWatch MDM. In order to get the provisioning files to the Mobile devices, would I be correct in setting up a Hotspot services on an open SSID that pushes the user to the AirWatch page?

I've set this up in-house with a test Hotspot services that pushes clients to our OWA page. I can login successfully and entering any URL in to the browser pushes the client back to the OWA page.

Running an IP scan gives responses from every IP on the subnet from the Hotspot. Can this be further locked down to only allow communication between the client and the OWA server? I've added the subnet in to restricted subnets ( but I still get a ping response.

New Contributor III
Turns out Wireless Client Isolation is configurable under the Hotspot, rather than in the WLAN area.
The other recommended setting is to run the provisioning side of things in an isolated VLAN.

Esteemed Contributor II
You should be able to use an 802.1x WLAN, configured with a RADIUS server using AD as the backend. Then, it appears that Air-Watch MDM runs over another layer of client/server communications when the authenticated client runs some agent.

Ruckus has not tested and does not guarantee that "AirWatch MDM" will work.

I cannot give any advice or suggestion for your HotSpot approach.