Sorry this took so long. I was pulled into another project.
I'm using a clearpass for the radius server and I have joined the CPPM to the domain. We have a Windows PKI infrastructure and I've added the certificates to the CPPM. CPPM also has a certificate we bought so that guest users aren't prompted to install a certificate.
I've searched for documentation for how to add NAP to an external device. Am I correct that CPPM should act as the authenticator between the Windows devices and the authentication server and that CPPM will then query the MS server running NAP for posture information?
The way it's setup now is
Client -> Switch/Controller (my CPPM is set as the RADIUS server) ->CPPM (authenticates the client via either mac auth or an AD lookup depending on the type of device) ->NAP (setup in CPPM as a posture server.)
I hope this makes more sense. If you or anyone has any suggestions or questions, I'll be sure to answer them quickly.
Thanks,
Robert