Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1458
Views
2
Helpful
3
Replies

NAC - EAP type and ACS certificates problem

marcbutler
Level 1
Level 1

‎11-14-2005 08:57 AM - edited ‎02-21-2020 10:13 AM

Hi All

Attempting to deploy NAC. Managing to get the NAD to query the ACS after some fun and games. However, now that is happening, I am getting the following error in the ACS logs:

EAP type not configured check Global Authentication Setup page

As I understand it, only the "Allow CNAC" checkbox under the PEAP section of the Global Authentication Setup section of ACS is necessary. Internestingly, if I attempt to change the settings on this page (for instance, add EAP-TLS), the follwoing error appears:

Failed to initialize PEAP or EAP-TLS authentication protocol because ACS certificate is not installed

The first thing I did in this process (as directed by the Trend guide in the deploying NAC) was the install an ACS certificate (that is, issue a certificate request from the ACS, cut and paste the Certificate value from the ACS page to the /certsrv page and then downloaded that certificate to C:\ of the ACS. Then, from the Install ACS certificate page, typed in the file name, e.g. certnew.cer, and then hit submit, when it says it successfully installed the ACS certificate and added it to the local store.

Hence, I am never getting any posture information returned to the client machine. Can anyone give me any pointers on this one?

Many thanks

Marc

Labels:
0 Helpful
3 Replies 3

marcbutler
Level 1
Level 1

‎11-16-2005 05:51 AM

Does anyone have any ideas on this?? I am sure with all the brain power that looks at this board that someone will know something!!!

Help (direction) would be much appreciated!!

0 Helpful

lmilher_2
Level 1
Level 1

‎12-19-2005 05:14 AM

Did you install the certificate in the antivirus server ???? Did you deploy the CTA with officescan ???

Check logging the CTA in the machine.

Leo

kmelchior
Level 1
Level 1
In response to lmilher_2

‎12-30-2005 08:26 AM

I had the same problem -

On ACS 4.0

Network Access Profiles

Under the policy of the profile being used click authentication

There is a button at the top of the page that says populate from global, click this

This resolved the issue I had when I got the same message you did

Kevin

0 Helpful
Customers Also Viewed These Support Documents
Top