Hello team, I'm trying to setup an ISE deployment that will use ECDSA certificates for wired and wireless machine authentication, as well as ECC keys for Android BYOD devices and RSA keys for Apple IOS BYOD devices. I currently have the external ...
Hslai, Thank you. I now understand. I was confused as I was expecting "EC" to mean it would be supported for Suite B (RFC6460). The EC we support is ECDHE_RSA, which is not an accepted Cipher Suite in Suite B. It is a fully supported Cipher Su...
Hslai, You stated "You are correct that ISE internal CA uses only RSA key. ECC keys are not an option currently". I am having a hard time understanding how a CA with RSA keys can issue EC keys to clients. I know my customer is going to ask how t...
Thanks hslai, I've setup everything on my internal lab and it looks correct, but I don't have the equipment to verify everything with the ECC and EST process (no Android devices). I'll get my customer to verify and see where we stand.Thanks,Shawn
Hello Bryanrobh, While I don't have a GNS3 lab you can use to test it, I can point you to a few documents which will help you understand/setup a simulator. First, here is a AAG paper which gives you a very high level overview of DLEP: http://w...