Team,
I have a rather successful wired DOT1X solution using EAP-TLS (PKI) running on my Cat3850 network. Ok, it's using ACS still but I'll rollout a better authentication server in the months to come.
I have had to add a layer of switching in front of my authenticator and now want to explore using NEAT by defining a supplicant configuration. I see that I have tried using username/password in the credentials and see my RADIUS light up with deny log entries - I expected to see this as I don't have an ACS access policy defined to allow connection.
I am trying to use my pki by creating a trustpoint on this supplicant and the trying to define "pki-trustpoint <tp-name>" in my dot1x credentials.
I'd expect to see something at the ACS related to my EAP-TLS attempts, but I see nothing.
Is what I am trying to do even possible?
Thanks,
Chris