Wifi access - Single SSID - multiple subnet filtered by device type


I wanted to ask for ideas on the subject argument. 

I'd like to avoid to have multiple SSID in my premises.

My idea is to have one SSID with WPA2 Enterprise ( radius auth ) for laptops and mobile smartphones. I need to "filter " laptops in a different subnet from smartphones and apply different policies.

I can filter using laptops Mac addresses if needed

So a laptop with a specific Mac address must go in the subnet1 and a smartphone goes to subnet2 

Is it possibile with Sophos tools only ?

Best Regards

Edited TAGs
[edited by: Erick Jan at 1:38 PM (GMT -8) on 7 Feb 2024]