EAP-TLS help needed

srosenthal · ‎11-01-2010

I have a lab setup and I am trying to get EAP-TLS working. I have ACS 4.2 running on my active directory machine which is also my certificate authority. I obtained a cert for the ACS and installed it, reset the ACS, then edited the certificate trust list and restarted.

I added a user to the AD. I then obtained a cert for my laptop logging into the certsrv as the user and installed it.

I added the user to the ACS.

When I try to connect from the wireless laptop using EAP-TLS with the wireless profile EAP TYPE set to Smart Card or Certificate the connection fails. I have unchecked validate certficate authority with no luck connecting.

When I check the ACS under the failed attemps it says ACS user unknown. This is the same user, all I did was change the EAP type on the laptop.

When I set the EAP type to PEAP I am able to get connected with or without validating the server certificate.

Any help would be greatly appreciated.

Seth

George Stefanick · ‎11-01-2010

Hello,

I provided a few links that you may find helpful

TLS config example

http://www.cisco.com/en/US/customer/products/ps6366/products_configuration_example09186a00807917a6.shtml

TLS Video

http://www.youtube.com/watch?v=sazfGz2D3eo

I hope this helps. Please rate helpful post ... Thanks

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________