Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

CTA with Supplicant and GINA Single SignOn

Hi,

I'm trying to configure the CTA 2.0 with 802.1x supplicant to work with MS GINA as Single Sing On in NAC 2. The only thing that doesn't work is user single sign on in AD. After entering the username and password during GINA login, user is always promted for CTA supplicant credentials. Is there any way to pass there the credentials from GINA login? I checked on the Single sign on feature of the CTA agent (credentials setup) and also included the network profile and policy in proper folders.

Regards,

Krzysztof

5 REPLIES
Silver

Re: CTA with Supplicant and GINA Single SignOn

Configure the end client to use the Microsoft Active Directory method of providing the machine certificate.

http://www.cisco.com/en/US/products/ps5923/products_maintenance_guide_chapter09186a008059aa85.html

abz
New Member

Re: CTA with Supplicant and GINA Single SignOn

Krzysztof,

you need to make sure that you use ms-chapv2 as the inner method in your eap-fast. Disable gtc as a means for authentication. That should allow your single sign on to work.

Adam

New Member

Re: CTA with Supplicant and GINA Single SignOn

Thanks Adam,

I configured it, with success.

Regards,

Krzysztof

Bronze

Re: CTA with Supplicant and GINA Single SignOn

by disabling gtc, you are forced to remove automatic provisioning. How can you use single signon with automatic provisioning?

New Member

Re: CTA with Supplicant and GINA Single SignOn

How can I disable GTC? I try to modify the XML files but the signature creates a problem. I disable GTC on radius Server... The credential CTA takes the username but always asks me the password...

134
Views
0
Helpful
5
Replies
CreatePlease to create content