ISE/WIFI - 802.1x with machine certificate and user credentials
i need help with the wireless configuration on the WLC/ISE/AD GPO of one of our customers.
Currently we are using machine and user authentication with PEAP and it works fine, I can see the machine authentication when the notebook is booted as well as the user authentication when i login to windows.
Now we want to change the machine authentication to certificate based since the customer got an own CA (they only have machine certs, no user certs). The certificates are enrolled and i change the policies on ISE and the GPO, but it doesnt work.
Right now I am not sure wether I miss something or if its not possible to combine machine cert with user credentials.
Did you completely move to eap-tls or you are going to do certificate validation on eap-peap? eap-tls support only machine and eap-peap only user.
If u want both user and machine to be authenticated you need to deploy eap-teap. If you are to go ahead with eap-teap please run it on a test bed first then take it to the production as there could be some compatibility issues. If not consider using anyconnect as this will give you more options.
also what does the ISE logs reveal for a failed instance?
New version covering common webauth "case generators".
Check your config for common errors that could lead to different failures
New Webex teams room: https://eurl.io/#R6RK2M73v
As usual, desktop version is available:
Thank you for the overwhelming response to the First and Second EFT refresh of 8.10MR6!
We are excited to announce the third refresh of 8.10 MR6 EFT Program for PRODUCTION deployments.
While the CCO release of 8.10MR6 is just a few we...
Greetings!Thank you for the overwhelming response and feedback for the first 17.3.4 EFT/Beta release.
Now we are excited to announce the second refresh of 17.3.4 EFT/Beta Program for PRODUCTION deployments.
This release is the s...
It’s been about two and half years, since the launch of next generation Cisco Catalyst 9800 Wireless LAN Controllers that has the most deployment flexibility and runs the modular, scalable, highly reliable, open and programmable operating system, I...
Hi All, I have made this video for Cisco Pitch the Future Contest in Malaysia which talks about Wi-Fi 6 and EWC Demo. Please feel free to view the video below and please support me for this contest by giving the video a like as the Contest will end o...