https://community.cisco.com/t5/wireless/eap-tls-help-needed/m-p/1562221#M10769 <P>I have a lab setup and I am trying to get EAP-TLS working.&nbsp; I have ACS 4.2 running on my active directory machine which is also my certificate authority.&nbsp; I obtained a cert for the ACS and installed it, reset the ACS, then edited the certificate trust list and restarted. </P><P></P><P>I added a user to the AD.&nbsp; I then obtained a cert for my laptop logging into the certsrv as the user and installed it.</P><P></P><P>I added the user to the ACS.</P><P></P><P>When I try to connect from the wireless laptop using EAP-TLS with the wireless profile EAP TYPE set to Smart Card or Certificate the connection fails.&nbsp; I have unchecked validate certficate authority with no luck connecting.</P><P></P><P>When I check the ACS under the failed attemps it says ACS user unknown.&nbsp; This is the same user, all I did was change the EAP type on the laptop.</P><P></P><P>When I set the EAP type to PEAP I am able to get connected with or without validating the server certificate.</P><P></P><P>Any help would be greatly appreciated.</P><P></P><P>Seth</P> Sun, 04 Jul 2021 02:21:33 GMT srosenthal 2021-07-04T02:21:33Z https://community.cisco.com/t5/wireless/eap-tls-help-needed/m-p/1562221#M10769 <P>I have a lab setup and I am trying to get EAP-TLS working.&nbsp; I have ACS 4.2 running on my active directory machine which is also my certificate authority.&nbsp; I obtained a cert for the ACS and installed it, reset the ACS, then edited the certificate trust list and restarted. </P><P></P><P>I added a user to the AD.&nbsp; I then obtained a cert for my laptop logging into the certsrv as the user and installed it.</P><P></P><P>I added the user to the ACS.</P><P></P><P>When I try to connect from the wireless laptop using EAP-TLS with the wireless profile EAP TYPE set to Smart Card or Certificate the connection fails.&nbsp; I have unchecked validate certficate authority with no luck connecting.</P><P></P><P>When I check the ACS under the failed attemps it says ACS user unknown.&nbsp; This is the same user, all I did was change the EAP type on the laptop.</P><P></P><P>When I set the EAP type to PEAP I am able to get connected with or without validating the server certificate.</P><P></P><P>Any help would be greatly appreciated.</P><P></P><P>Seth</P> Sun, 04 Jul 2021 02:21:33 GMT https://community.cisco.com/t5/wireless/eap-tls-help-needed/m-p/1562221#M10769 srosenthal 2021-07-04T02:21:33Z https://community.cisco.com/t5/wireless/eap-tls-help-needed/m-p/1562222#M10770 <HTML><HEAD></HEAD><BODY><P>Hello,</P><P></P><P>I provided a few links that you may find helpful</P><P></P><P>TLS config example</P><P></P><P><A class="active_link" href="http://www.cisco.com/en/US/customer/products/ps6366/products_configuration_example09186a00807917a6.shtml">http://www.cisco.com/en/US/customer/products/ps6366/products_configuration_example09186a00807917a6.shtml</A> </P><P></P><P>TLS Video </P><P><A class="active_link" href="http://www.youtube.com/watch?v=sazfGz2D3eo">http://www.youtube.com/watch?v=sazfGz2D3eo</A></P><P></P><P>I hope this helps. Please rate helpful post ... Thanks </P></BODY></HTML> Tue, 02 Nov 2010 05:15:33 GMT https://community.cisco.com/t5/wireless/eap-tls-help-needed/m-p/1562222#M10770 George Stefanick 2010-11-02T05:15:33Z