Is it possible to have a the following
LT --------WCS ---------ACS ---------RA ------AD DC
Now is it possible to have the Laptop just use EAP-TLS Machine auth to the ACS only, without using the external AD?
The plan is to use AD eventually, but for a proof-of-concept, just would like the LT for this stage to machine auth with the ACS?
All the correct certs are on the ACS and LT.
The LT is connecting to the ACS but in the faulied radius attempts, we get the following :-
Machine authentication is not permitted
I thought I may have to set up a user name in the ACS internal DB with the hostname of the LT, but then you have to set a password, so now I am thinking that this is not possible?
Im sure ACS should be able to do a full machine eap-tls auth with a laptop?
If anyone could help?