Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
457
Views
0
Helpful
0
Replies

Cisco CP-8811 802.1x phone authentication EAP-TLS with MS NPS radius server

malark79
Level 1
Level 1

‎09-27-2019 09:40 AM

Hi all,

We've been using 802.1x authentication at my company for about a year now and have successfully gone through the process of signing the phone certificates for our 79xx models, but not the 8811 models. The key difference we've found is in the issued certificates for the two models. The common name on the 79xx models read SEP<mac address> whereas the 8811 models read CP-8811-SEP<mac address>. This poses a problem because the certificate common name, which is also the username for the phone's account in our Active Directory to authenticate against the NPS, is too long for the NPS to reference. We know we can strip the CP-Model under the connection request policy of the NPS, but that won't help us because the certificates themselves cannot be modified. Is there another solution? 

Our CUCM is on version 10.5.

 

Thanks,

0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents