Attached is a PDF on how to configure Clearpass authentication using EAP-TEAP, also known as EAP-Chaining.
Environment:
Device: Windows 10 Insider Preview 2004 build 19613.
CPPM: 6.9.0
EAP-TEAP (RFC: 7170) Abstract:
This document defines the Tunnel Extensible Authentication Protocol
(TEAP) version 1. TEAP is a tunnel-based EAP method that enables
secure communication between a peer and a server by using the
Transport Layer Security (TLS) protocol to establish a mutually
authenticated tunnel. Within the tunnel, TLV objects are used to
convey authentication-related data between the EAP peer and the EAP
server.
EAP-TEAPv1 allows for the User and Machine to authenticate during the same session. This will make User + Machine authentication much more graceful.
Instead of relying on the Machine authentication cache in CPPM, you will get the authentication status on the first authentication attempt of both the User and Machine.