Good morning,
A customer wants to do the following for their corporate wireless users (all clients will be customer assets):
Corp. wireless to authenticate with 2-factor authentication:
- •1. Certificate
- •2. Machine auth thru AD
- •3. Domain creds
When client authenticates, they want to match on 2 out of the 3 conditions before allowing access.
Clients are Windows laptops and corporate iPhones.
Certs can be issued thru GPO and MDM for iPhones
Client supplicant on laptops is native Windows - which I understand is a compatibility issue from this thread: https://supportforums.cisco.com/thread/2185627
My first question is: can this be done?
Second question: how would i implement this from an AuthC/AuthZ perspective?
Thanks in advance,
Andrew
