Hi, we are implementing a new WLAN with one of our customers with two Aruba 7200 controllers and Clearpass with the latest versions. We are using Microsoft AD to authenticated the users. The certificates are also coming from Microsoft PKI. The costumer has a mix of Windows 7 and WIN8.1 but will be rolling out Win10 later this year.
The costumer wants to use 802.1x authentication with both machine and user certificates. This works very well, until…. a new user shall use the PC. Then the user have to connect the PC to a switch-port the first time to be able to download the user certificate. I know that this have been a problem to make this work for some years ago, but is it still a problem?
PS:The costumer will go 100% wireless when they roll out the new Aruba WLAN and do not want switchports on the offices except for printers and so one.
Anyone who have make this work, comments?