Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ACS 4.2 + EAP-TLS Machine Authentication

Hi All,

I'm currently trying to get EAP-TLS working in a lab with machine and client authentication. I have

Laptop -> Aironet AP -> ACS 4.2 -> AD + CA

I have configured autoenrollment of client and machine certificates, which is working fine and have issued a server certificate to the ACS server. Now the problem I have is when using the "Enable machine access restrictions". When I click this option I get the error "External DB user access denied (Machine Access Restriction)". If I do not have this option chosen I can successfully authenticate using EAP-TLS. I have checked some documentation regarding this error and the resolution seems to be "Ensure NAR configured".

Does anyone know what this error is pointing to?

thanks

Alun.

178
Views
0
Helpful
0
Replies