I have been reading the Cisco ISE for BYOD and trying to create an Authentication Policy for EAP-TLS. When I build the new policy and add a new condition, then go to Network Access, EAPAuthentication is not an option. So I went to policy element and created a new Authentication, Compond condition and added it to the library. When I try to add it to my Authentication Policy it doesnt allow me to chose it and says only relevant conditions are selectable. Am I missing a step somewhere?
Any help is greatly appreciated and thanks in advance!
Thanks that's what I needed thanks. I was closing out of my current policy and inserting a new above the default. Now I need to get my certs working with my phone and ISE. Currently, we are using packetfence and Mobil iron which issues the certs during registration - still working with security team to see how this is done. When I look at the certs on my phone I can see the root certs, but when I create a SSID and chose a cert the root isnt an option. Any ideas how I can connect using a new ssid with the root certs on my phone?
EAP-TLS does not mean that you're using your root CA certificates to connect to the network. You're using instead a machine or user certificate signed by your CA.
The CA's certificate provides the means to check one's presented certificate. Is the same thing with your ID. Somebody did some checks on you (the authorities) and guarantees that you are who you claim to be.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :