Security

Reply
Occasional Contributor II

CPPM for EAP-TLS

Hello , 

 

we will be rolling out NAC for Wired and for dot1x , we proposed EAp-TLS ( Machine certificate)

 

So clear pass needs to be integrated with Certificate Server and everytime it queries to Certificate server for cert validation if a machine connects ?

 

Or we put the Root CA server certificate on clearpass  and there is no need to integrate CA server?

 

I need to know the authentication source for EAP-TLS 

Super Contributor II

Re: CPPM for EAP-TLS

You need to add the Root/Intermediate CA to ClearPass.
It's advisable to validate the certificate using SCEP or a CRL. Also keep in mind that by default ClearPass will check the certificate only and no the computer account status.

Willem Bargeman ACMX#935 | ACCX #822

Please give me kudos if my post was useful!
If your issue is solved mark the post as solution!
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: