Banging my head bad! Need help w/machine authentication
I have spent the past two weeks, yes sadly so, trying to figure out how to get my WLAN to authenticate computers and users. I originally set up my infrastructure so that my clients connected to an AP, the AP had a WLSE as a RADIUS which then passed the credentials to Active Directory via Cisco Secure Agent for user authentication. This worked, but when my users log off, the machine loses network connectivity, so I need to get the "Authenticate as computer when available" option working. From what I can tell, the WLSE and Cisco ACS agent for Windows do not support machine authentication. My plan was to install IAS and a certificate server on my domain and have that act as the RADIUS server instead of the WLSE and ACS. I installed those, but never got any luck with authentication. I read somewhere that it may not be possible to use IAS and WDS together, and I do have one of my access points set up as WDS.
My question is: does anyone know of a way that I can enable machine authentication without so much pain? It would be excellent if I could do this using the WLSE and possibly ACS. I was even hoping that Cisco may have a supplicant that offered such authentication without the pain.
I need the network to be secure, WPA2 and AES preferred, because it is for health care.
Any suggestions? I am really at a loss here. I thought for sure that the IAS server would have been the solution, but no dice.