08-08-2019 07:30 AM - edited 02-21-2020 11:08 AM
Hello All,
We were testing “MDM onboarded mobile device connecting to 802.1x SSID use case” in our environment. The user certificate was pushed from MDM to the test mobile endpoint along with the 802.1x settings (EAP-TLS). While connecting the endpoint to the 802.1x configured SSID, the endpoint was unable to join the network and therefore it failed authentication. The reason is that ISE was not receiving the user certificate that was configured from the endpoint during the certificate exchange. We verified this with TAC by doing a packet capture on ISE. But the user certificate was installed on the endpoint and is signed by both the root CA and the intermediate CA. In this case the test endpoint is iPhone. Is iPhone rejecting the certificate presented by ISE?
Thanks,
Aravind Ravikumar.
Solved! Go to Solution.
08-08-2019 07:42 AM
08-08-2019 07:42 AM
08-08-2019 07:47 AM
Thank you for your response. By ISE cert you mean exporting the system certificates (configured for EAP) and pushing it down to the iPhone along with the root and intermediate cert?
08-08-2019 12:34 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide