Security

Reply
Frequent Contributor II
Posts: 148
Registered: ‎04-13-2009

Posture Checking with EAP-TLS

Hello Everyone,

 

I would like to perform posture checking on my wireless clients who are authenticating with EAP-TLS, however in windows i cannot find a way to enable the NAP agent on the EAP-TLS configured wireless network.

 

From looking online i found that you need to enable Enable Quarantine checks but the instructions only refer to EAP-PEAP:

 

To view PEAP properties of a network connection for wireless 802.1X-authenticated computers, right-click the wireless network connection, click Status, click Wireless Properties, click the Security tab, and under Choose a network authentication method, next to Microsoft Protected EAP (PEAP), click Settings.

 

Is it currently possible to do health checking via clearpass and NAP agents for clients connecting via EAP-TLS?

 

Thanks,

 

-ELiasz

-------------------
ACDX, ACCP, CISSP, CWNA
Frequent Contributor II
Posts: 148
Registered: ‎04-13-2009

Re: Posture Checking with EAP-TLS

Posted too soon.

 

I had to enabled the EAP Quarantine Enforcement Client on the device under NAPCLCFG.MSC

 

Also i configured the wireless profiles with EAP-PEAP outer method, and EAP-TLS as the inner method(to still allow for certificate authentication). This allows the NAP Check to be performed since it requires EAP-PEAP.

 

Hope this helps anyone who may come across this,

 

-ELiasz

-------------------
ACDX, ACCP, CISSP, CWNA
Search Airheads
Showing results for 
Search instead for 
Did you mean: