Solved: 802.1x Combine EAP Authentication - Machine and User

rdediana · ‎02-16-2019

Hello Team.

we have a requirement to build policy around the user identity; while also user machine certificates to authenticate the computer.

is it possible to build an authorization policy that combines the results for both EAP-TLS (cert for machine) and PEAP-MSCHAPv2 (User credentials)?

the goal is to provide network access based on the combined machine and user authentication results.

thanks

Rob Ingram · ‎02-16-2019

Hi, If you want to combine EAP-TLS for computer and PEAP for user authentication you would need to use EAP Chaining, this requires AnyConnect NAM as the supplicant however. How to guide here.

HTH

View solution in original post

Rob Ingram · ‎02-16-2019

Hi, If you want to combine EAP-TLS for computer and PEAP for user authentication you would need to use EAP Chaining, this requires AnyConnect NAM as the supplicant however. How to guide here.

HTH

802.1x Combine EAP Authentication - Machine and User

802.1X/EAP Troubleshooting

自律型AP-WLAN作成方法（802.1X/EAP）

CISCO ISE EAP-TLS AUTHENTICATION

Windows 11 machines fail to complete EAP-TLS authentication with ISE

Cisco ISE 802.1x Machine Authentication Cert EAP-TLS