Cisco Cisco Identity Services Engine 1.2 Guía De Información
13
Cisco Identity Services Engine Network Component Compatibility, Release 1.2.x
OL-27042-01
Supported Devices for On-Boarding and Certificate Provisioning
Supported Devices for On-Boarding and Certificate Provisioning
Cisco Wireless LAN Controller (WLC) 7.2 or above support is required for the BYOD feature. Refer to
the
the
for any known issues or caveats.
Requirements for CA to Interoperate with Cisco ISE
While using a CA server with Cisco ISE, make sure that the following requirements are met:
•
Key size should be 1024, 2048, or higher. In CA server, the key size is defined using certificate
template. You can define the key size on Cisco ISE using the supplicant profile.
template. You can define the key size on Cisco ISE using the supplicant profile.
•
Key usage should allow signing and encryption in extension.
•
While using GetCACapabilities through the SCEP protocol, cryptography algorithm and request
hash should be supported. It is recommended to use RSA + SHA1.
hash should be supported. It is recommended to use RSA + SHA1.
•
Online Certificate Status Protocol (OCSP) is supported. This is not directly used in BYOD, but a
CA which can act as an OCSP server can be used for certificate revocation.
CA which can act as an OCSP server can be used for certificate revocation.
Table 9
BYOD On-Boarding and Certificate Provisioning - Supported Devices and Operating Systems
Device
Operating System
Single SSID
Dual SSID (open >
PEAP (no cert) or open
> TLS)
PEAP (no cert) or open
> TLS)
Onboard Method
Apple iDevice
iOS 10
1
, 9.x, 8.x, 7.x,
6.x, 5.1, 5.0.1, 5.0
1.
Tested with Cisco ISE, Release 1.2.1 patch 7.
Yes
Yes
2
2.
Connect to secure SSID after provisioning
Apple profile
configurations (native)
configurations (native)
Android
2.2 and above
3
3.
There are known EAP-TLS issues with Android 4.1.1 devices. Contact your device manufacturer for support.
Yes
Yes
Cisco Network Setup
Assistant
Assistant
Barnes & Noble Nook
(Android) HD/HD+
(Android) HD/HD+
4
4.
Barnes & Noble Nook (Android) works when it has Google Play Store 2.1.0 installed.
—
—
—
—
Windows
Windows XP, Windows
Vista, Windows 7,
Windows 8, Windows
10
Vista, Windows 7,
Windows 8, Windows
10
Yes
5
5.
While configuring the wireless properties for the connection (Security > Auth Method > Settings > Validate Server Certificate), uncheck the valid server
certificate option or if you check this option, ensure that you select the correct root certificate.
certificate option or if you check this option, ensure that you select the correct root certificate.
Yes
SPW from Cisco.com
or Cisco ISE Client
Provisioning feed
or Cisco ISE Client
Provisioning feed
Windows
Mobile 8, Mobile RT,
Surface 8, and Surface
RT
Surface 8, and Surface
RT
No
No
—
MAC OS X
6
6.
If you are using Mac OS X clients with Java 7, you cannot download the SPWs using Google Chrome browser. Java 7 runs only on 64-bit browsers and
Chrome is a 32-bit browser. It is recommended to use either previous versions of Java or other browsers while downloading the SPWs.
Chrome is a 32-bit browser. It is recommended to use either previous versions of Java or other browsers while downloading the SPWs.
10.6, 10.7, 10.8, 10.9,
10.10
10.10
Yes
Yes
SPW from Cisco.com
or Cisco ISE client
provisioning feed
or Cisco ISE client
provisioning feed