cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
756
Views
4
Helpful
5
Replies

We are testing to authenticate eap-tls with ise.

evatitrenda
Level 1
Level 1

It was done according to Cisco documentation

The certificate was issued through window ca.

I also put the certificate in the terminal through mmc and manually configured the wlan to select the root certificate of eap-tls.

However, the result is that when you connect to the WLAN

'I can't connect because I need a certificate to log in. Contact your IT support representative.'

The phrase appears, and there is no live log left on ISE.

It's 802.1x, but it doesn't even ask for an account.

Where is the problem?

5 Replies 5

What does this have to do with anything within the Collaboration area?



Response Signature


move this into ISE 
and please can you info what is the WLC you use ?

MHM

@MHM Cisco World

As a VIP you can move posts around in the community. I made the move of the post as you suggested.



Response Signature


@evatitrenda is the windows supplicant configured for authentication? Example.

If there is no ISE Live Logs, is the WLC configured as a NAD and with the correct shared secret?

Is the WLC configured for AAA via ISE correctly?

thomas
Cisco Employee
Cisco Employee

There must be a LiveLog for an authentication failure, even if the WLC is not added to ISE.

Do you have any 802.1X authentications working or is this your first time configuring and using ISE?

Consider watching

▷ Managing Network Devices in ISE

▷ Secure Access with ISE

▷ Securing Cisco Catalyst Wireless with ISE using mPSK / iPSK / 802.1X