EAP-TLS certificates across multiple computers?

jasonhumes
Level 1

Hi

So I've got EAP-TLS working with W2k IAS/Certificate Services and an AP1100. My clients are all XP/2000 notebooks and each machine has a computer certificate. The problem is that the notebooks are generic (not user specific) and the notebook that user1 got today may not be the same notebook that user1 gets tomorrow, and therefore he/she will not be able to log in tomorrow (because their user certificate is stored on the first notebook they had... the one that they used to request the cert). Is there any way to have the user certificates follow the user, regardless of which PC they log on to the domain with? Maybe with roaming profiles or something like that. Any ideas? Thanks.

1 Reply

scottmac
Level 10

You could roll back to PEAP, using LDAP or MSCHAPv2 for authentication. You'll still authenticate the server and get dynamic keys, but the client authentication will still occur at the domain level.

Other than that, I don't think you can have a "mobile/portable" certificate (that would be more like a SecurID fob).

FWIW

Scott