https://community.cisco.com/t5/wireless/eap-tls-over-wireless/m-p/1487189#M124152 <HTML><HEAD></HEAD><BODY><P>I would setup a new radius login specifically for that client</P><P>and configure all accounts on the client to use</P><P>the same credentials and cert to logon to the wireless network.</P></BODY></HTML> Wed, 16 Jun 2010 17:16:19 GMT Elliott Shawd 2010-06-16T17:16:19Z https://community.cisco.com/t5/wireless/eap-tls-over-wireless/m-p/1487186#M124149 <P>Quick question for you EAP experts out there.</P><P></P><P>I want to be able to deploy EAP-TLS I understand that you need a machine and user certificate, does this mean that i would have to place the cetificate for each user account on that paticular laptop if utilised by more than one menber of staff ?</P><P></P><P>Thanks in advance.</P><P></P><P>Chris</P> Sun, 04 Jul 2021 01:52:42 GMT https://community.cisco.com/t5/wireless/eap-tls-over-wireless/m-p/1487186#M124149 chris-atkins 2021-07-04T01:52:42Z https://community.cisco.com/t5/wireless/eap-tls-over-wireless/m-p/1487187#M124150 <HTML><HEAD></HEAD><BODY><P>Chris,</P><P></P><P>EAP-TLS authentication requires computer and user certificates on the wireless client.</P><P></P><P>HTH&gt;</P></BODY></HTML> Fri, 11 Jun 2010 17:27:42 GMT https://community.cisco.com/t5/wireless/eap-tls-over-wireless/m-p/1487187#M124150 andrew.prince 2010-06-11T17:27:42Z https://community.cisco.com/t5/wireless/eap-tls-over-wireless/m-p/1487188#M124151 <HTML><HEAD></HEAD><BODY><P>Hi Chris,</P><P></P><P><!--[if gte mso 9]><xml> <o:OfficeDocumentSettings> <o:AllowPNG></o:AllowPNG> </o:OfficeDocumentSettings> </xml><![endif]--><!--[if gte mso 10]> <style> /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0cm 5.4pt 0cm 5.4pt; mso-para-margin:0cm; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin;} </style> <![endif]--></P><P class="MsoNormal"><SPAN lang="EN-US" style="font-size: 9pt; font-family: &quot;Verdana&quot;,&quot;sans-serif&quot;;">If many users share clients, it can be problem that all users certificate have to be on the shared hardware. I had this issue in a school, and we ended up with using EAP-TLS and only hardware certificate. You don’t get full security in this case since you only verify the hardware, but on the other hand, the user have to log in to the domain, so users will be verified as well. Just not by the wireless system.</SPAN></P><P class="MsoNormal"></P><P class="MsoNormal">//Johan</P></BODY></HTML> Wed, 16 Jun 2010 12:43:36 GMT https://community.cisco.com/t5/wireless/eap-tls-over-wireless/m-p/1487188#M124151 jhedstr2 2010-06-16T12:43:36Z https://community.cisco.com/t5/wireless/eap-tls-over-wireless/m-p/1487189#M124152 <HTML><HEAD></HEAD><BODY><P>I would setup a new radius login specifically for that client</P><P>and configure all accounts on the client to use</P><P>the same credentials and cert to logon to the wireless network.</P></BODY></HTML> Wed, 16 Jun 2010 17:16:19 GMT https://community.cisco.com/t5/wireless/eap-tls-over-wireless/m-p/1487189#M124152 Elliott Shawd 2010-06-16T17:16:19Z https://community.cisco.com/t5/wireless/eap-tls-over-wireless/m-p/1487190#M124153 <HTML><HEAD></HEAD><BODY><P>All makes sense now, thanks everyone.</P></BODY></HTML> Thu, 17 Jun 2010 09:03:51 GMT https://community.cisco.com/t5/wireless/eap-tls-over-wireless/m-p/1487190#M124153 chris-atkins 2010-06-17T09:03:51Z