Security

Reply
Frequent Contributor II
Posts: 109
Registered: ‎01-01-2012

EAP TLS Radius

HI,

 

I am configuring 802.1x authentication. I have 2003 Server as AD and CA both. 

Client should get Certificate automatically ( that can be done throgh GPO)

I want to do AD auth as well as certificate auth.  i.e. if a client is having Certificate and then AD username and Password are inputted then authentication should happen....can this be done ?

 

As per my understanding EAP-tls will not ask username/password ..It will take username/password from current login session in machine and accordingly push (manually install) certificate...is that correct???

Guru Elite
Posts: 20,773
Registered: ‎03-29-2007

Re: EAP TLS Radius

So, the certificate in EAP-TLS will allow the DEVICE to connect wirelessly via a certificate that resides on the machine.  This can be a machine certificate or a user certificate.  The user STILL has to input his/her username and password to get into the machine.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Frequent Contributor II
Posts: 109
Registered: ‎01-01-2012

Re: EAP TLS Radius

that means while connecting to ssid it will not ask for username password right ?
Guru Elite
Posts: 20,773
Registered: ‎03-29-2007

Re: EAP TLS Radius

It will not.  It will use the certificate on the computer. Just like any Windows computer, however the user MUST have a valid username and password to get into the computer to do anything with it.  The certificate is only for wireless connectivity.

 

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

MVP
Posts: 1,412
Registered: ‎11-30-2011

Re: EAP TLS Radius

indeed, it wont ask for that, it might ask for which client certificate if you have multiple.

Search Airheads
Showing results for 
Search instead for 
Did you mean: