Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
299
Views
0
Helpful
2
Replies

Authentication combinations with ISE 1.2

kevinr002
Level 1
Level 1

‎11-25-2013 04:35 AM - edited ‎03-10-2019 09:07 PM

We're in the process of completing our ISE deployment for Wireless but are having some issues with authentication combinations and not sure of which are possible or not.We would like to perform workstation auth based certificate authentication with Microsoft domain credentials authentication, a so called dual authentication using cert and username/password.

Is this possible using the Microsoft WIndows default supplicant?                 

Labels:
0 Helpful
2 Replies 2

Saurav Lodh
Level 7
Level 7

‎05-19-2014 02:44 AM

refer

http://www.cisco.com/c/en/us/td/docs/security/ise/1-2/user_guide/ise_user_guide/ise_auth_pol.html

0 Helpful

Venkatesh Attuluri
Cisco Employee
Cisco Employee

‎05-19-2014 09:42 AM

is this what you are looking for EAP Chaining which uses a machine certificate or a machine username / password locked to the device through the Microsoft domain enrollment process. When the device boots, it is authenticated to the network using 802.1X. When the user logs onto the device, the session information from the machine authentication and the user credentials are sent up to the network as part of the same user authentication. The combination of the two indicates that the device belongs to the corporation and the user is an employee.

http://www.cisco.com/c/dam/en/us/solutions/collateral/enterprise/design-zone-security/howto_80_eapchaining_deployment.pdf

0 Helpful
Customers Also Viewed These Support Documents