I'm trying to use Microsoft NPS RADIUS server with WPA2 Enterprise EAP-TLS for WiFi.
I have Microsoft NPS working with PEAP/MS-CHAPv2, but I want to get this working with the built-in phone certificate (MIC).
I've followed these steps but I think I'm missing some parts:
https://documentation.meraki.com/MR/Encryption_and_Authentication/RADIUS%3A_Creating_a_Policy_in_NPS_to_support_EAP-TLS_authentication
https://social.technet.microsoft.com/Forums/office/en-US/ab149e7f-f4df-4595-a1a6-2b4c6c3a47fd/authentication-with-8021x-eaptls-using-cisco-mic?forum=winserversecurity
- The Microsoft NPS policy is set for Smart Card or other certificate. The RADIUS server is using a commercial certificate. I don't know what CAs the Cisco phones trust though.
- Created an AD group for the phones and set up the certificate mapping.
- Created an AD username for the phone username CP-7925G-SEPxxxxxx
Has anyone done this with EAP-TLS, Cisco MIC certificates and Microsoft NPS?