Solved: Re: MACOS on Large scale

Sherif El Shourafah · ‎05-07-2019

Hi Team,

Do we have any guidance or Cisco best practices or Cisco guide about configuring DOt1X on large scale enterprise to configure EAP options on MACOS, customer is asking,

Damien Miller · ‎05-07-2019

I have been involved in leveraging Airwatch to authenticate iphones and macs at scale. Airwatch is able to provision user certs from AD with scep and push them down along with network connection profiles and trust chain.

I say user certs because at least last year when I was going this, Airwatch was not hostname aware, it only had a user tied to a device. It works very well doing user cert eap-tls this way. One caveat would be on macbooks though, the user had to select which certificate they wanted to authenticate with if there were multiple.

View solution in original post

Aravind Ravichandran · ‎05-07-2019

Please follow this 802.1X Network Authentication for Mac.

-Aravind

Damien Miller · ‎05-07-2019

I have been involved in leveraging Airwatch to authenticate iphones and macs at scale. Airwatch is able to provision user certs from AD with scep and push them down along with network connection profiles and trust chain.

I say user certs because at least last year when I was going this, Airwatch was not hostname aware, it only had a user tied to a device. It works very well doing user cert eap-tls this way. One caveat would be on macbooks though, the user had to select which certificate they wanted to authenticate with if there were multiple.

MACOS on Large scale

RTMT for MacOs

Umbrella Directory Update: Cisco Secure Client 5.1.8 (Win/macOS)

Catalyst 8200/8300 - SDA Control Plane Scale

How to Determine the Scale of an ISE Deployment

ASR9000/XR Understanding Route scale