Hi. I have a few questions regarding locking down an Ipad for classroom use (not using school program, its not an official school). First, I am using all meraki gear + SM. MX64, MR42, MS220-8. I also use cisco umbrella for DNS filtering. The first problem is that even though my ipads are locked down to the tilt the user can simply go in to the wifi settings and change the DNS servers away from my own that use umbrella and just change to 8.8.8.8 or something similiar to bypass my blocks. Is there a way to prevent this? (These are supervised DEP Ipads). I recall IOS11 had some new locks regarding DNS but i dont know if this was included. Actually, its all network settings that can be changed, in my classroom they are certainly going to mess these settings up on purpose to cause chaos. I could probably block dns traffic on my security appliance mx64 but id rather not do this, id really rather lock this in the ipad, I dont want people messing with those settings and breaking the ipad connectivity so easily by putting in a dummy dns address. if this is not possible its a huge oversight by apple I would think. Also, if I deploy my ipads using DEP and get meraki profiles loaded on them on first boot, and i uploaded my configurator p12 cert to meraki, should that not let me connect these ipads to my macbook pro which has the p12 cert on it for apple configurator? I have host pairing disabled and when I connect it, it tells me host pairing is not allowed unless I am using the supervision certificate but I thought that was the point of me uploading it to Meraki in the first place? I also had an issue with WIFI whitelisting, what happens is it doesnt get all the profiles loaded and the wifi whitelisting applies and then i lost connectivity and then had to factory restore the ipad to get it working again as it was wiifi whitelisting on with no wifi loaded, is this normal? Thanks
... View more