If you have Windows clients you can implement EAP-TEAP. This will authenticate both the computer and the user at the same time and you can select EAP-TLS for the computer and EAP-PEAP for the user account.
------------------------------
Best Regards
Jonas Hammarbäck
MVP Guru 2024, ACEX, ACDX #1600, ACCX #1335, ACX-Network Security, Aruba SME, ACMP, ACSA
Aranya AB
If you find my answer useful, consider giving kudos and/or mark as solution
------------------------------
Original Message:
Sent: Jul 04, 2024 02:56 AM
From: nipunmeewella
Subject: Simultaneous use of EAP-PEAP and EAP-TLS
Hi @jonas.hammarback,
Thank you for the reply.
Basically yes!, customer is asking something like MFA scenario authenticating the user via U/N & password meanwhile authenticate the machine via the device certificate.
Can't we implement a solution like first authenticate via certificates then ask U/N & password ?
Original Message:
Sent: Jul 04, 2024 02:51 AM
From: jonas.hammarback
Subject: Simultaneous use of EAP-PEAP and EAP-TLS
Hi
Short answer is No. If you are talking about performing both methods at the same time during 802.1x.
Can you describe more about the intention behind the request to do this and also what types of clients the users will utilize?
Is the intention to implement a type of multifactor authentication?
------------------------------
Best Regards
Jonas Hammarbäck
MVP Guru 2024, ACEX, ACDX #1600, ACCX #1335, ACX-Network Security, Aruba SME, ACMP, ACSA
Aranya AB
If you find my answer useful, consider giving kudos and/or mark as solution
Original Message:
Sent: Jul 04, 2024 02:41 AM
From: nipunmeewella
Subject: Simultaneous use of EAP-PEAP and EAP-TLS
Hi All,
I need to know whether the same client can be authenticated from both the methods EAP-PEAP and EAP-TLS simultaneously. As a brief, user need to log in to the same SSID using Username and Password as well as certificate authentication also need to be done via EAP-TLS.
Thank you