does anybody know if, by using EAP-TLS, it's possible to start network connection before login like with LEAP. I tryed it but the certificate seems to be personnal. Is it possible to associate this one to the computer only (with a generic store or user) ???
In fact i'd like my stations to be reachable even if nobody's logged onto.
I don't believe you can use EAP-TLS for "generic" PC authentication since the credentials for authentication are based off of the certificate that the user must import into their local machine store along with their network logon credentials. With the certificate that the user(s) imports into their local machine store, the "Issued to:" field of the certificate must match the user's account name in the DB that ACS is using for this, whether it's an external DB such as Active Directory or whatever. So, you are correct in saying that the user certificate seems to be personal to the specified user.
We are moving! Please use WLCCA Forum for updates and discussions
[toc:faq] Wireless LAN Controller (WLC) Config Analyzer Download Click
here to Download To request access, send an e-mail to
firstname.lastname@example.org. Please include your Cisco.com userna...
[toc:faq] IntroductionHere is the step by step process that we have to
take care of while converting LWAPP to IOS and then vice versa..LWAPP to
IOSThe hardware used = 1141 AP (make sure we are using the right
[toc:faq] Introduction AnyConnect Secure Mobility Client 3.0: Network
Access Manager & Profile Editor on Windows Summary Use the Cisco
AnyConnect Network Access Manager Profile Editor to build custom
profiles for the AnyConnect Secure Mobility Client. App...