Security

Reply
Occasional Contributor II
Posts: 14
Registered: ‎11-07-2013

EAP-TLS doesn't work with Windows XP SP3 on wired networks

Hi,
we have tried to authenticate a machine with Win XP SP3 using EAP-TLS but Clearpass doesn't receive any request. However, we have no problem using Windows 7.
Any idea about what is happing? we have found in different forums similar issues but any of them showed a way to fix it.

Cheers,
Oscar

Aruba
Posts: 1,548
Registered: ‎06-12-2012

Re: EAP-TLS doesn't work with Windows XP SP3 on wired networks

Usually it is a driver issue for the adapter. I'm running an old laptop with XP sp3 with no issues but it is Broadcom on both wired and wireless.
Thank You,
Troy

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.

--Problem Solved? Click "Accepted Solution" in a post.
Aruba
Posts: 1,548
Registered: ‎06-12-2012

Re: EAP-TLS doesn't work with Windows XP SP3 on wired networks

Colin also reminded me... :)

http://blogs.technet.com/b/networking/archive/2009/12/16/possible-problems-seen-after-upgrading-windows-xp-clients-to-sp3-in-an-environment-that-uses-wired-802-1x.aspx
Thank You,
Troy

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.

--Problem Solved? Click "Accepted Solution" in a post.
Moderator
Posts: 948
Registered: ‎07-29-2010

Re: EAP-TLS doesn't work with Windows XP SP3 on wired networks

Hi Óscar

Having read the post in the Microsoft forum I'd suggest you go for PEAP on the wired XP clients. Using clearpass you can easily build a policy that allows XP devices to connect using PEAP and forces W7 devices to do EAP-TLS. You just have to build an enforcement profile (or role derivation) that uses the profiling info in the endpoint repository.

If you need further assistance please don't hesitate to ask.

Regards
Samuel Pérez
ACMP, ACCP, ACDX#100

---

If I answerd your question, please click on "Accept as Solution".
If you find this post useful, give me kudos for it ;)
Search Airheads
Showing results for 
Search instead for 
Did you mean: