Cisco Support Community
Community Member

EAP-TLS help needed

I have a lab setup and I am trying to get EAP-TLS working.  I have ACS 4.2 running on my active directory machine which is also my certificate authority.  I obtained a cert for the ACS and installed it, reset the ACS, then edited the certificate trust list and restarted.

I added a user to the AD.  I then obtained a cert for my laptop logging into the certsrv as the user and installed it.

I added the user to the ACS.

When I try to connect from the wireless laptop using EAP-TLS with the wireless profile EAP TYPE set to Smart Card or Certificate the connection fails.  I have unchecked validate certificate authority with no luck connecting.

When I check the ACS under the failed attempts it says ACS user unknown.  This is the same user, all I did was change the EAP type on the laptop.

When I set the EAP type to PEAP I am able to get connected with or without validating the server certificate.

Any help would be greatly appreciated.



Re: EAP-TLS help needed


I provided a few links that you may find helpful

TLS config example

TLS Video

I hope this helps. Please rate helpful post ... Thanks

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin