Hey Yuri, I did a quick test. And I managed to make it work. I even tried to disable eap-chapv2 and eap-gtc as inner methods on ACS and only allow EAP-TLS as EAP-Fast inner method.
I first enrolled the ACS with CA. got a cert for the client from the ADU pc. congigured the ADU with that EAP-FAST TLS certificate for client. The user has to exist in ACS aswell to my knowledge. And it seems to work for me on ADU. regards. Kristjan -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of [email protected] Sent: 16. ágúst 2011 01:00 To: [email protected] Subject: CCIE_Wireless Digest, Vol 29, Issue 10 Send CCIE_Wireless mailing list submissions to [email protected] To subscribe or unsubscribe via the World Wide Web, visit http://onlinestudylist.com/cgi-bin/mailman/listinfo/ccie_wireless or, via email, send a message with subject or body 'help' to [email protected] You can reach the person managing the list at [email protected] When replying, please edit your Subject line so it is more specific than "Re: Contents of CCIE_Wireless digest..." Today's Topics: 1. EAP-FAST authenticating with Certificate (Yuri Mecca) ---------------------------------------------------------------------- Message: 1 Date: Mon, 15 Aug 2011 22:00:11 -0300 From: Yuri Mecca <[email protected]> To: <[email protected]> Subject: [OSL | CCIE_Wireless] EAP-FAST authenticating with Certificate Message-ID: <[email protected]> Content-Type: text/plain; charset="iso-8859-1" Hi Guys, I'm working with EAP Authentication and I had a problem to connect the laptop (Cisco ADU) with ACS 4.2 using EAP-FAST with inner method as TLS (Certificate). Its work fine with PEAP Inner TLS, EAP-TLS, and other EAP-FAST methods like MS-CHAP or GTC. In the ACS Reports I see this message: "EAP_TLS Type not configured" Follow attached my EAP-FAST config. Had anyone make this auth works? I'm using External Database. Thanks for the replies! :-) Yuri -------------- next part -------------- An HTML attachment was scrubbed... URL: </archives/ccie_wireless/attachments/20110815/328305f3/attachment.html> -------------- next part -------------- A non-text attachment was scrubbed... Name: fast.JPG Type: image/jpeg Size: 102566 bytes Desc: not available URL: </archives/ccie_wireless/attachments/20110815/328305f3/attachment.jpe> ------------------------------ _______________________________________________ CCIE_Wireless mailing list [email protected] http://onlinestudylist.com/cgi-bin/mailman/listinfo/ccie_wireless End of CCIE_Wireless Digest, Vol 29, Issue 10 ********************************************* _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
