I am testing iAP 802.1x supplicant to authenticate the AP on an ethernet interface that has been secured with 802.1x. It is straight forward for PEAP, I enable PEAP in the System settings then configure the User/Pass in the AP settings and it works fine.
EAP-TLS is a little more difficult. I was hoping that I could use the built-in TPM engine to generate and use a built-in User Private Key during the authentication. On the 215/225 model I am testing with, the only option is to use a User Cert. I beleive this means I will need to use an external CA to generate a certificate for each individual AP and upload each cert to each AP.
Anyone have any tips? The CLI does show support for TPM (ap1x tls tpm) but no option in GUI which leads me to beleive it is either not supported on this model or it is not a functional option yet.
Running 6.5.4 release