Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1580
Views
0
Helpful
3
Replies

EAP TLS after BYOD registered

Tutu
Level 1
Level 1

‎11-25-2020 11:54 PM

Hello guys,

After my BYOD is registered it is not getting authorised under the eap-tls user authentication.

 

I keep getting this error.

 

Please help.

Preview file
144 KB
Preview file
7 KB
0 Helpful
3 Replies 3

Marvin Rhoads
Hall of Fame
Hall of Fame

‎11-26-2020 01:28 AM

The live log error message indicates "client rejected the ISE local-certificate". If your ISE deployment isn't using a certificate issued by a trusted CA then you must manually import the ISE certificate into the local PC's trusted certificate store.

0 Helpful

Tutu
Level 1
Level 1
In response to Marvin Rhoads

‎11-27-2020 01:30 AM

But under issued certificates it shows that ise has issued the certificate.

 

Now im not sure what went wrong but i can not even get the posturing portal to come up. :(. i m not receiving any error. It also authorizes against the policy and under the logs it also shows that is has got the portal but stil not portal shows up

0 Helpful

Aref Alsouqi
VIP
VIP

‎11-29-2020 07:07 AM

It looks like AnyConnect for some reason is not able to read the certificate store on your local machine. Or maybe, the certificate was not installed properly. If you haven't done this already, try please to open up the certificate store and check if the certificate issued by ISE has been successfully installed. If so, I would try to start AnyConnect with admin privileges and see if that fixes the issue.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card