Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1427
Views
0
Helpful
1
Replies

ACS 4.2, Wireless Authentication PEAP/EAP-TLS & Certificates

stuart.baker
Level 1
Level 1

‎07-29-2010 03:41 AM - edited ‎03-10-2019 05:17 PM

Hi All,

I have a requirement on our wireless network to ONLY approve authentication from machines that are pre-approved. We have our wireless network setup and it's all working well using RADIUS to Microsoft AD servers on the ACS for end user/machine authentication.

We've recently installed a new digital certificate and have enabled EAP-TLS for machine authentication - again all is working as expected with the certificate being downloaded/provided to the remote client as when connection occurs.

Waht I want to do now is actually STOP the provision of the certificate so that I have to use a microsoft Group Policy to install onto the remote clients. In this way I'm thinking that I can then ONLY approve clients that have the correct certificate installed.

Sounds simple, but can I find a way of doing it? - no ... (is what I'm trying to do even possible?)

Any assiatance greatly received ...

Regards,

Stu

Labels:
0 Helpful
1 Reply 1

AdmSeguridad01
Level 1
Level 1

‎08-25-2010 02:28 PM

Hi,

I'm having exactly the same problem, but backwards. I want to install automatically the certificate in my wireless clients. I'm running ACS 4.2 also and I have been running tests, but I have to install manually the generated certificate in each wireless client (300 laptops).

So I would like to know which configuration are you using (in case it's possible you could send me the running config that you have actually installed).

Thank you very much.

0 Helpful
Customers Also Viewed These Support Documents