Hi. We authenticate wired clients using EAP-TLS with Computer Certificates. This works fine so far. Now we need an authorization with LDAP and set the VLAN based on the AD Group of the Computer. Is there a way to use the CN of the Certificate and retrieve the Attributes of the Client over LDAP?
You should be able to do this, as long as the cn name is in the corrext format which for computer certificates it ahould be fine. Setup the ldap external store, find the grouo and map that to your authz policy.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...