We are testing to authenticate eap-tls with ise.

evatitrenda · ‎07-07-2024

It was done according to Cisco documentation

The certificate was issued through window ca.

I also put the certificate in the terminal through mmc and manually configured the wlan to select the root certificate of eap-tls.

However, the result is that when you connect to the WLAN

'I can't connect because I need a certificate to log in. Contact your IT support representative.'

The phrase appears, and there is no live log left on ISE.

It's 802.1x, but it doesn't even ask for an account.

Where is the problem?

Roger Kallberg · ‎07-07-2024

What does this have to do with anything within the Collaboration area?

MHM Cisco World · ‎07-07-2024

move this into ISE
and please can you info what is the WLC you use ?

MHM

Roger Kallberg · ‎07-07-2024

As a VIP you can move posts around in the community. I made the move of the post as you suggested.

Rob Ingram · ‎07-07-2024

@evatitrenda is the windows supplicant configured for authentication? Example.

If there is no ISE Live Logs, is the WLC configured as a NAD and with the correct shared secret?

Is the WLC configured for AAA via ISE correctly?

thomas · ‎07-08-2024

There must be a LiveLog for an authentication failure, even if the WLC is not added to ISE.

Do you have any 802.1X authentications working or is this your first time configuring and using ISE?

Consider watching