marko_markovic_7lh3o2s2ra1bf's profile

Tue, May 30, 2017 8:35 AM

why byod provisioning

Hi everyone,

I have recently seen this video here:

So, in short - the guy makes 3 wlans and 3 roles so that each role can connect just to 1 wlan. And then he makes a provisioning hotspot where users authenticate using username and password, and get automatically redirected to their wlan (zero-it activation). Can someone point out to me what are the benefits of this approach compared to not having a provisioning wlan, but instead users connect to their wlan and then autenthicate there using a username/password combination (802.1x using internal database on the controller). 

It seems to me that it's just one wlan more (the hotspot) for the same service, but surely I'm wrong.

Brand User

Former Employee


2.6K Messages


44.8K Points

5 y ago

Hi Marko,

   Using 802.1x with userid/pw and assigned roles is great security, your AAA server
can pass back attributes to set lots of things from VLAN to permitted WLANs, etc. 

    Zero-IT is often used for multiple device access permissions, like your phone and
laptop, onto a WPA2-PSK type WLAN and works well for Education and Hospitality
deployments.  One solution is to use a HotSpot WLAN to redirect clients to the Zero-IT
provisioning utility.

16 Messages


244 Points

5 y ago

This is the powerfull feature. For example you want create ssid for Employee(integrate with Active Directory) & Guest on 1 onboarding portal. The step is create:
1. SSID Employee (integrate with AD or other AAA)
2. SSID Guest (Voucher or Selfservice)
3. SSID Onboarding Portal

With Zero-IT, client connect to the SSID Onboarding portal and choose "Register Device"(Employee) or  "Guest Access"(Guest) . The result is Client will automatically redirect to ssid Employee/Guest

Important Announcement