Forcing clinet to have certificate in 802.1x

Unanswered Question
Nov 13th, 2009


I have 802.1x with windows pki on wire with PEAP...i configure swithes to use MS IAS as radius... User from winxp authenticate regularwith user name and pass and user certificate.... Also same user can authenticate from linux machine even if the machine dont have certificate....

How to deny machines without certificates and in which point? I thing it would be IAS?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Faisal Sehbai Fri, 11/13/2009 - 07:36

PEAP works with username/password combo and cert only on server side. If you want all machines to have certs, configure EAP-TLS.

Not sure how on IAS though.




This Discussion