Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Looking for way to use certificate attributes in Authorization policy

does any one know how to use certificate attributes in authorization policy when I authenticate with PEAP ??

is it only working when I authenticate with EAP-TLS ??

is there any way to use these attributes with peap ??

Also, what are ways to distinguish corp asset as priavate asset without using certificate ??

Thank you.

P/S I'm using wired network !     

Everyone's tags (1)
1 REPLY

Re: Looking for way to use certificate attributes in Authorizati

Hi,

Peap authentication is a password based authentication protocol, eap-tls is when a client uses a certificate for authentication. So there is not a way to validate cert attributes since the client doesnt send one for PEAP.

You can use machine authentication to validate the corporate asset and rely on the microsoft login process to validate the user account. You can also consider NAM supplicant to perform eap chaining (sends both machine and user authentication and is only supported by ISE as your radius server at this point).

Thanks,

Tarik Admani
*Please rate helpful posts*

Tarik Admani *Please rate helpful posts*
151
Views
0
Helpful
1
Replies
CreatePlease to create content