NAC framework deployment

chenyokechuan · ‎03-04-2007

Hi All,

I have a problem with the NAC deployment.

Currently i try to setup the lab for deploy 802.1x solution.

I have follow the step configure the NAD (switch), ACS,....but i still receive the error message that mention i don't have certificate in personal store as credential for authentication.

Anyone can help?

Vivek Santuka · ‎03-05-2007

Hi,

CTA 802.1x supplicant uses only EAP-FAST.

So On the client you need to either uncheck "validate server certificate" on take the ACS Certificate/Root certificate of the CA Server and add it in the store. To add in the store use :-

ctacert /ui 5 /add "path to certificate" /store "root"

Regards,

Vivek

chenyokechuan · ‎03-05-2007

Hi,

Thanks for help, may i know how to disable "validate server certificate" on the CTA agent? For the CA, it is MUST be a root CA? if i plan to test it on lab environment, can i setup a standalone/standard CA?

Thanks

Chen

Vivek Santuka · ‎03-06-2007

Chen,

You can setup a standalone CA or even use the self signed certificate from ACS.

Regards,

Vivek

chenyokechuan · ‎03-06-2007

Hi Vivek,

Thanks a lot, i will try it.

Thanks

Chen