EAP-TLS with windows - no supplicant required?

Unanswered Question
Jul 7th, 2008

I have setup and tested fine a network with EAP-TLS using microsoft cert server with an AP direct to ACS, handing off to AD for user auth. I had already installed Cisco Secure Services Client, which is great, but needs ot be purchased for wireless functions... So now to the problem....

I want to run without a supplicant, or at least a free supplicant (as I will have trouble convincing management for $50 a head for it). I cannot get it to work with just XP SP2 - am I doing something wrong or do I require an add-on, or could it be to do with my wireless card/ drivers not tieing in well enough with cisco extensions?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Scott Fella Mon, 07/07/2008 - 19:45

You should be able to do this with XP SP2. When you try, what erros do you get on ACS and on the AP or WLC?

nickjacobs Mon, 07/07/2008 - 20:29

Doesn't even begin to negotiate with the AP for EAP (like it doesn't even attempt - maybe it can't detect the network type - windows says may be out of range or some other generic message) - other attempts the AP in debug say that windows is not responding properly (wpaie not found) like wondows didn't figure out the cipher scheme and responded incorrectly....

I don't think its an eap thing (not ACS, AD,) but wireless negotiation thing.

I just installed the intel proset full suite (not just drivers) which includes a dot1x supplicant and this also works fine like Cisco SSC.

nickjacobs Mon, 07/07/2008 - 22:16

And the next option to was upgrade to SP3 - and it works with no extra supplicant first go....

So problem solved but no explanation as to why....


This Discussion



Trending Topics - Security & Network