12-05-2017 06:48 AM - edited 02-21-2020 10:40 AM
Hello...re-deploying 802.1x within a network with high security requirements. Fully functional PKI deployment is already out that issues both user and machine certificates. Also using Cisco NAM 4.5 as supplicant and ISE 2.2 as RADIUS server.
Setting up EAP-TLS for machine authentication is very easy to do. User authentication not so much. When setting up the new profile in Network Access Manager and I get to the "Credentials" tab of the network setup, I am prompted to "Use Single Sign On Credentials" or "Prompt for Credentials". We do not use Smart Cards so I cannot use the SSO Creds but I want to provide my end uses with the SSO experience and not have them have to select a certificate to use for authentication.
Any help would be appreciated.
Solved! Go to Solution.
12-05-2017 11:13 AM
Hi Daryl,
Under User Credentials select - Prompt for Credentials > Remember while user is logged on. Then under Certificate sources ensure "Smart card or OS certificates" is selected. I've used this configuration and machine/user authentication is transparent to the user.
HTH
12-05-2017 11:13 AM
Hi Daryl,
Under User Credentials select - Prompt for Credentials > Remember while user is logged on. Then under Certificate sources ensure "Smart card or OS certificates" is selected. I've used this configuration and machine/user authentication is transparent to the user.
HTH
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide