EAP TLS after BYOD registered

Tutu · ‎11-25-2020

Hello guys,

After my BYOD is registered it is not getting authorised under the eap-tls user authentication.

I keep getting this error.

Please help.

Marvin Rhoads · ‎11-26-2020

The live log error message indicates "client rejected the ISE local-certificate". If your ISE deployment isn't using a certificate issued by a trusted CA then you must manually import the ISE certificate into the local PC's trusted certificate store.

Tutu · ‎11-27-2020

But under issued certificates it shows that ise has issued the certificate.

Now im not sure what went wrong but i can not even get the posturing portal to come up. :(. i m not receiving any error. It also authorizes against the policy and under the logs it also shows that is has got the portal but stil not portal shows up

Aref Alsouqi · ‎11-29-2020

It looks like AnyConnect for some reason is not able to read the certificate store on your local machine. Or maybe, the certificate was not installed properly. If you haven't done this already, try please to open up the certificate store and check if the certificate issued by ISE has been successfully installed. If so, I would try to start AnyConnect with admin privileges and see if that fixes the issue.