I am investigating if it is possible to manage ethernet connections on iOS devices via configuration profiles. This is for an iPad Kiosk setup: iPads connect to the wired network through a powered Lighting to USB 3 adapter and Apple USB to ethernet adapter. This setup functioned well before we enforced Cisco ISE 802.1x authentication across the wired network.
The current workaround is to whitelist the adapters, via MAC, so they can authenticate to the network. This creates extra overhead since the whitelisting has to be completed on the ISE servers and renewed on a regular schedule. If we could manage the 802.1x authentication for this setup with an MDM that overhead would be removed. The wired iOS devices would get their 802.1x settings configuration profiles, just like our current MacOS wired devices and iOS wireless devices.
The blocker is that our MDM solutions do not offer an ethernet payload for iOS devices where we can input the 802.1x settings. WiFi is the only available payload for iOS. iOS devices after 10.2 recognize the network interface in the OS... but only after the adapter is present (think macOS with removable NICs). So it seems reasonable that after the OS has a NIC for "ethernet" listed that we'd be able to do some management to it..Maybe
We have tried using known good a MacOS 802.1x profile on an iOS device, no good.
Any thoughts, comments or solutions are welcome.
On option would be to deactivate 802.1x at the switch for this one, specific port where the iPad is plugged in. In this case you would not have to whitelist any MAC-address, but on the other hand, every device which connects to this specific port would have access to your network. Depending on which kiosk system you use, maybe this would be no problem. For example if the cables aren't visible anyway.
I don't think there would be a specific payload for iPads with LAN connection soon.