Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
585
Views
0
Helpful
4
Replies

windows 8/10 non-domain can login radius windows 2016 except Certificate

info@toyoseikan.co.th
Level 1
Level 1

‎11-24-2018 07:22 AM - edited ‎07-05-2021 09:29 AM

My lab test NPS windows 2016 and Certificate with Cisco 2504 Firmware 8.3.143.0 configuration Radius everything work.
but Client non-domain windows 8/10 and some mobile can login my SSID(802.1x) without Certificate.

Please advise about this case Thank you.

Labels:
0 Helpful
4 Replies 4

Scott Fella
Hall of Fame
Hall of Fame

‎11-24-2018 08:03 AM

That is because you are probably allowing PEAP protocol in NPS. In order to authenticate using a computer certificate, you need to specify EAP-TLS. You can search “Radius NPS EAP-TLS” and find various links on what you need to do.
-Scott
*** Please rate helpful posts ***
0 Helpful

info@toyoseikan.co.th
Level 1
Level 1
In response to Scott Fella

‎11-26-2018 07:36 PM

Do you mean EAP Type PEAP to Remove ?

Preview file
82 KB
0 Helpful

Scott Fella
Hall of Fame
Hall of Fame
In response to info@toyoseikan.co.th

‎11-26-2018 07:49 PM

Yes... should only be EAP-TLS
-Scott
*** Please rate helpful posts ***
0 Helpful

Scott Fella
Hall of Fame
Hall of Fame
In response to Scott Fella

‎11-26-2018 07:58 PM

Here is a guide I found:

https://networklessons.com/uncategorized/peap-and-eap-tls-on-server-2008-and-cisco-wlc/
-Scott
*** Please rate helpful posts ***
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card