Cisco EAP-TLS w/Win2003 CA server

Discussion in 'Cisco' started by mmainer, Feb 16, 2005.

  1. mmainer

    mmainer Guest

    I'm having a hell of a time getting EAP-TLS working with a Microsoft
    CA issuing the Certs. I have PEAP working with no problems in the same
    environment (laptop WinXP, switch port Cisco Cat 4003, Cisco ACS Server
    3.2.3 and username Win2003 AD). I'm thinking that it has to do with
    how the CA server is issuing the User Cert and what AD is looking for
    from the Cert to authenticate it with a user. What I see from my client
    when trying to use EAP-TLS is "Attempting to authenticate"; it never
    fails or passes. I never see anything in the ACS logs that says Pass
    or Fail.

    Anyone else have this problem? I'm sure that I'm missing some very
    simple step or check box somewhere but it's driving me crazy and I
    need some help.

    BTW, I have tried Cisco Test Certs from the following URL and
    wouldn't you know it works, so I know the environment is correct. Like
    I said, I think it is the Cert but not sure how to fix it.

    http://www.cisco.com/en/US/netsol/n...ons_white_paper09186a008009256b.shtml#wp39021
    mmainer, Feb 16, 2005
    #1

  2. mmainer

    Albert Bank Guest

    We had a lab setup to compare various RADIUS solutions and discovered that
    this setup works best for us using freeradius on Linux.

    We created the certs using openssl; the only caveat is to add the proper
    usage in openssl.conf.
    Even the replication of certificates across various servers works like a
    charm.

    hope that helps

    al
    Albert Bank, Feb 22, 2005
    #2
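
An added example (not from either poster, and not their actual configuration) of what "the proper usage in openssl.conf" can look like, assuming it refers to the key usage and extended key usage extensions: Windows supplicants expect Server Authentication on the RADIUS server certificate and Client Authentication on the client certificate. The section names, subjects and file names are constructed; the script issues a throwaway lab CA and checks each certificate against the purpose it will be used for.

```shell
#!/usr/bin/env bash
# Added example: lab-only EAP-TLS certs with explicit usage extensions.
# Subjects, section names and file names are constructed for illustration.
set -eu

# Create a throwaway CA plus one server and one client cert in directory $1.
issue_lab_certs() (
  cd "$1"
  cat > eap.cnf <<'EOF'
[ req ]
distinguished_name = dn
prompt = no
[ dn ]
CN = placeholder
[ lab_ca ]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[ eap_server ]
basicConstraints = CA:FALSE
keyUsage = digitalSignature,keyEncipherment
extendedKeyUsage = serverAuth
[ eap_client ]
basicConstraints = CA:FALSE
keyUsage = digitalSignature,keyEncipherment
extendedKeyUsage = clientAuth
EOF
  openssl req -x509 -newkey rsa:2048 -nodes -days 30 -config eap.cnf \
    -extensions lab_ca -subj "/CN=Lab EAP Test CA" \
    -keyout ca.key -out ca.pem 2>/dev/null
  for role in server client; do
    openssl req -new -newkey rsa:2048 -nodes -config eap.cnf \
      -subj "/CN=lab-$role.example.test" -keyout "$role.key" -out "$role.csr" 2>/dev/null
    openssl x509 -req -in "$role.csr" -CA ca.pem -CAkey ca.key -CAcreateserial \
      -days 30 -extfile eap.cnf -extensions "eap_$role" -out "$role.pem" 2>/dev/null
  done
)

# True only if cert $2 chains to the lab CA in dir $1 and fits purpose $3
# (sslclient = supplicant certificate, sslserver = RADIUS server certificate).
cert_fits() {
  openssl verify -CAfile "$1/ca.pem" -purpose "$3" "$1/$2" 2>&1 | grep -q ': OK$'
}

work=$(mktemp -d)
issue_lab_certs "$work"
for pair in "client.pem sslclient" "server.pem sslserver" "server.pem sslclient"; do
  set -- $pair
  if cert_fits "$work" "$1" "$2"; then echo "$1 as $2: accepted"; else echo "$1 as $2: rejected"; fi
done
```

The same `openssl verify -purpose` check can be run against a certificate exported from any CA to see whether its usage extensions fit the role it is deployed in.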