EAP-Fast with certificates

Unanswered Question

Hi,


I'm trying to configure a 1242 AG Access Point (configured as a Workgroup Bridge) with EAP-Fast using in-band authentication and requiring certificate for provisioning. I have a certificate and all required options checked on ACS 4.1 Server side, and a trustpoint defined on AP side, but I always get a handshake failure.


Although, using EAP-Fast anonymous in-band is working, and using EAP-TLS with the these certificates works too.


So I finally ask this question : as someone ever configured a 1242 AG Access Point as a client to use EAP-Fast PAC provisioning based on certificates, and is there some undocumented trick that I've missed ?


Regards.


Stephane.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Thanks for the link to the document. I've checked out all the options and they are ok, but the TLS(PKI) phase 0 is not mentioned, and it still stop working as soon as I disable the anonymous authentication. I guess I should try with a laptop client (actually the goal is to connect a small network to the main network where the radius server is, using 2 access points), just to be sure of my ACS configuration.


Regards.


Stephane.


Actions

This Discussion

 

 

Trending Topics - Security & Network