cancel
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
953
Views
0
Helpful
3
Replies

Allowing Windows WIFI profiles when running Cisco Secure Client NAM

Hello all,

We would like to setup a TEAP wifi profile but the NAM doesn't seem to support this protocol. Our idea now is to create the profile in Windows (10) and somehow let the NAM allow this in some way.
Does any of you know if this is possible or have another idea or solution to this?

We need the NAM for security and legacy reasons.

 

Best Regards
Claus

3 Replies 3

Greg Gibbs
Cisco Employee
Cisco Employee

NAM uses EAP-FAST (v2) for EAP Chaining. This was the original Cisco proprietary method for EAP Chaining before TEAP was ratified as a standard.

See Understanding EAP-FAST and Chaining implementations on AnyConnect NAM and ISE  for more information and examples.

Thanks for pitching in. We're using EAP-FAST (v2) in our setup today, but we're implementing a separat setup where we want to utilize TEAP. Is it possible to have these run on a Windows 10 PC, with Cisco Secure Client, at the same time? Allowing the PC to be able to authenticate using either.

Microsoft documentation seems to suggest that using multiple supplicants is possible - how to do this using the EAPHost api is another question (and what, if any, 3rd party supplicants are supported).

hth
Andy

https://learn.microsoft.com/en-us/windows/win32/eaphost/general-frequently-asked-questions#how-does-eaphost-bind-to-network-adapters-

 

How does EAPHost bind to network adapters?

EAPHost allows multiple supplicants to operate simultaneously, and each supplicant can bind to multiple network adapters. EAPHost supplicants provide binding to the network layers and drive the authentication process. Supplicants contain authentication configuration. Supplicants also save the state and provide subsequent connection security. Because EAPHost doesn't directly bind to any network mechanism, supplicant extensibility is possible.