Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
485
Views
0
Helpful
1
Replies

Looking for way to use certificate attributes in Authorization policy

jiyoung Kim
Level 1
Level 1

‎07-17-2013 10:36 PM - edited ‎03-10-2019 08:39 PM

does any one know how to use certificate attributes in authorization policy when I authenticate with PEAP ??

is it only working when I authenticate with EAP-TLS ??

is there any way to use these attributes with peap ??

Also, what are ways to distinguish corp asset as priavate asset without using certificate ??

Thank you.

P/S I'm using wired network !     

Labels:
0 Helpful
1 Reply 1

Tarik Admani
VIP Alumni
VIP Alumni

‎07-18-2013 11:14 PM

Hi,

Peap authentication is a password based authentication protocol, eap-tls is when a client uses a certificate for authentication. So there is not a way to validate cert attributes since the client doesnt send one for PEAP.

You can use machine authentication to validate the corporate asset and rely on the microsoft login process to validate the user account. You can also consider NAM supplicant to perform eap chaining (sends both machine and user authentication and is only supported by ISE as your radius server at this point).

Thanks,

Tarik Admani
*Please rate helpful posts*

0 Helpful
Customers Also Viewed These Support Documents