can we authenticate 802.1x and Certificate based authentication.
we have cisco 2504 wlc ,ACS 5.4 and Open SSL certificate.
requirement is - if connect one of the ssid then it should asked for a certificate as wellas 802.1x authentication should be there
Yes of course. Its called EAP-TLS and would require a PKI whereby you can push certs to a device.
Hi George ,
Thanks for the reply...
can please tell me what all settings to be done on user laptop to connect certificate based authentication.
and the link you had shared , in that i am unable to see the images (topology etc)
Can you help me with the pdf file for the same
Thanks in Advance
When you setup 802.1x, you should have to have a client accept or do anything. You want it transparent. In order to do EAP-TLS properly, you should have a certificate authority (PKI) designed properly. Since you need a certificate on the radius server and every device, a 3rd party cert doesn't work well in this scenario. If you have a single 3rd party cert and that's on the radius server, then you either can do machine authentication if all computers are domain or PEAP in which uses the AD credentials. You need all pieces in play to properly implement a security policy.
*** Please rate helpful posts ***