Thursday, December 14, 2017

EAP-TLS

Hey guys!

I'm a bit lost here trying to set up EAP-TLS

I'd love to have this so we can lock our corporate wifi down to just computers on the domain. This stops people from bringing in their phones and laptops and connecting when they have AD access on their normal account.

I did get PEAP set up and working, which is half the fight here.

Equipment:

Radius - Microsoft NPS server WLC - Cisco 2500 Wireless Controller Client - Windows 7

Does anyone have screen shots of how they set this up? I've created a server cert and placed it on the radius server. Taking this off breaks PEAP so I know this part is working. I guess where I'm getting confused is how to implement the client certificate and finish EAP-TLS. How do I link the client cert into the NPS policy or combine it with the server cert?

Here is how I have peap set up

http://ift.tt/2o3ATSd

I tried this guide:

http://ift.tt/2Ci82wy

but it never told me what I need to do to link the client CA.... help! I'm trying to get our company wifi for the first time in their existence. I have the user CA set up so only certains groups can request enrollment as well. I feel like I'm close



No comments:

Post a Comment