Is it possible to use only Microsoft AD to authenticate phones via EAP-FAST/EAP-TLS?
It seems that most of the newer desktop phones that concern me don't support EAP-MD5 for 802.1x authentication. I'm interested in whether I can authenticate a phone that doesn't support EAP-MD5 via shared secret or its LSC using only Microsoft's AD and NPS. A solution using ACS isn't valid due to some design reasons. Using EAP-MD5 on the older phones was straight forward, but I haven't seen any information on authenticating phones via EAP-FAST/TLS without ACS integration. Is this possible? If so, is there documentation on how to implement it?
You have reached the Cisco Logistics Support Center.. To Check Status of
your RMA, visit Product Returns & Replacements (RMA). Need help? Contact
us by Phone or Email. North Americas Phone: 1800 553 2447 Option 4
Email: firstname.lastname@example.org Europe Phone: +3...
The short answer is that you don't.... That isn't entirely true while at
the same time it kind of is, but for the most part you don't configure
the softkeys. You enable or disable them via TCL. Here is the long
answer. Be sure to read the whole thing or e...
Topology: IP Phone > Switches > Microsoft NPS setup to forward 802.1x
proxy to > ISE 2.1 patch 3 Authentication: EAP-TLS using Cisco MIC SANs
Phone Models 802.1X support? 802.1x flavor Addtl Comment EAP-MD5 EAP-TLS
Cisco 3905 Y Y N Cisco 6911 Y Y N Cisco ...