Hi Ovais,
Thanks for responding...
Yes, we do have the radius server on the network.
We actually moved a couple of steps forward since my post. as I managed to get a bit better documentation from extreme.
The current issue is that the trustpoint file-sync command fails. Basically, the bundle has been loaded on to VX controller but the file has since failed.
MKTVX1#show file-sync load-file-status
Download of EAPTLS10 trustpoint is complete
but the file sync fails
AP08 failed 2021-11-25 11:28:01 3 MKTVX1 Error in loading trustpoint
AP07 failed 2021-11-25 11:28:01 3 MKTVX1 Error in loading trustpoint
AP26 failed 2021-11-25 11:28:01 3 MKTVX1 Error in loading trustpoint
AP03 failed 2021-11-25 11:28:01 3 MKTVX1 Error in loading trustpoint Upload the guide I was fallowing for reference.
Any idea please?
Regards
Bart
Original Message:
Sent: 11-25-2021 16:54
From: Ovais Qayyum
Subject: Wing EAP-TLS help
Hi Bart,
That guide addresses the use case where the WiNG AP/Controller is used as a Radius server and implements EAP-TLS as the authentication method. Of course, that would require you to add certificates to the AP/controllers that are working as Radius server. Usually, you won't use your wireless infrastructure to perform authentication specially in case of EAP-TLS. Not saying its not possible, but its just not done widely.
In your environment, do you have a Radius server or NAC perhaps that could be used to authenticate Domain computers/user using EAP-TLS? it would be more scalable and easier to maintain.
Regards,
Ovais
Original Message:
Sent: 11-24-2021 06:05
From: Bart Bielewicz
Subject: Wing EAP-TLS help
Hi,
I've been fallowing the below guide for EAP-TLS. Would anyone got more documentation please? This is the first time im trasked with EAP-TLS and could fo with more info.
How To: How to configure WiNG based RADIUS server to process EAP-TLS authentication? | Extreme PortalForce | remove preview |
| How To: How to configure WiNG based RADIUS server to process EAP-TLS authentication? | Extreme Portal | First of all, make sure you have following done: proper PKI setup to issue certificates for clients & trustpoints your wireless client has proper personal | machine certificate installed with corresponding private key your APs have a valid trustpoint from the same SSL chain of trust If you do not know How to import digital certificate to WiNG controller, follow the relevant article. | View this on Force > |
|
|
Regards
Bart