Windows 10: User EAP-TLS authentication for the first time

Discus and support User EAP-TLS authentication for the first time in Windows 10 Customization to solve the problem; Hi community, we are trying to develop 802.1X authentication to the network (LAN and WLAN) using the native Windows supplicant. The recommendation... Discussion in 'Windows 10 Customization' started by Pavel Makovec (DHL IT, Sep 6, 2019.

  1. PAVEL MAKOVEC (DHL IT
    Pavel Makovec (DHL IT Win User

    User EAP-TLS authentication for the first time


    Hi community,


    we are trying to develop 802.1X authentication to the network (LAN and WLAN) using the native Windows supplicant. The recommendation for the internal security department is to use certificates from the authentication. Second requirement is to have a user identity when an user is on a corporate machine.


    Machine and user certificates are auto-enrolled using GPO policy.

    Then we've configured clients using the GPO policy to have the required settings (same on LAN and WLAN network), including certificate selection

    - 802.1X auth credential: Machine or user credential

    - EAP type: Smart Card or other certificate


    Machine certificates are enrolled during the imaging process when a machine is online and joined to the AD.


    The problem which we currently have is I would say chicken or the egg problem.

    When a user is logging on the machine for the first time, there is no certificate for such user. From the observation, there is around 50% change that the user cert auto-enrollment is finished during logon on LAN. But on WLAN is't failing all the time.


    We are looking for some option to extend the machine authentication session to provide more time for the user cert auto-enrollment when the user is visiting the machine for the first time.

    Is there any simple way how to auto-configure the supplicant to use "Machine credential" mode only in the case where is no user certificate available. And then re-configure the supplicant to the "Machine or User credentials" mode when there is a user certificate?


    Thanks

    Pavel

    :)
     
    Pavel Makovec (DHL IT, Sep 6, 2019
    #1
  2. JAFF77
    jaff77 Win User

    EAP-TLS error

    Hello, I am configuring an E66 with WPA2 EAP-TLS against IAS Radius and I always obtain the same error in the IAS event viewer.

    denied accesss

    Authentication-Type = EAP

    EAP-Type = Smart Card or other certificate

    Reason-Code = 16

    Reason = Authentication was not successful because an unknown user name or incorrect password was used.

    Has anybody tried E66 or similiar with EAP-TLS?

    Any experiences?
     
    jaff77, Sep 6, 2019
    #2
  3. DEUTE
    deute Win User
    deute, Sep 6, 2019
    #3
  4. RAFAL S'
    Rafal S' Win User

    User EAP-TLS authentication for the first time

    Rafal S', Sep 6, 2019
    #4
Thema:

User EAP-TLS authentication for the first time

Loading...

  1. User EAP-TLS authentication for the first time - Similar Threads - User EAP TLS

  2. Does PowerBI Desktop support mutual TLS authentication ?

    in Windows 10 Gaming
    Does PowerBI Desktop support mutual TLS authentication ?: Hi Team,I want to enquire if there is a possibility to connect to databaseSQL on remote serverLinux from PowerBI desktop using mutual TLS authentication ?Thanks & Regards,Akash...

  3. Does PowerBI Desktop support mutual TLS authentication ?

    in Windows 10 Software and Apps
    Does PowerBI Desktop support mutual TLS authentication ?: Hi Team,I want to enquire if there is a possibility to connect to databaseSQL on remote serverLinux from PowerBI desktop using mutual TLS authentication ?Thanks & Regards,Akash...

  4. Hello, I have an Issue with Win 11, with EAP -TTLS authentication

    in Windows 10 Gaming
    Hello, I have an Issue with Win 11, with EAP -TTLS authentication: Hello, I have an Issue with Win 11, with EAP -TTLS authentication for a wifi, previously i was able to connect to the wifi on windows 10, now it only shows secured or rather keeps telling you connect...

  5. Can't connect with EAP-TLS using Windows 10

    in Windows 10 Network and Sharing
    Can't connect with EAP-TLS using Windows 10: I'm trying to connect to a WPA2-Enterprise wireless network using certificates EAP-TLS from Windows 10 but I can't and I don't know how to troubleshoot this.I tried to create the connection both from Manage known networks > Add, and by manually creating a new wireless...

  6. Can't connect with EAP-TLS using Windows 10

    in Windows 10 Gaming
    Can't connect with EAP-TLS using Windows 10: I'm trying to connect to a WPA2-Enterprise wireless network using certificates EAP-TLS from Windows 10 but I can't and I don't know how to troubleshoot this.I tried to create the connection both from Manage known networks > Add, and by manually creating a new wireless...

  7. Can't connect with EAP-TLS using Windows 10

    in Windows 10 Software and Apps
    Can't connect with EAP-TLS using Windows 10: I'm trying to connect to a WPA2-Enterprise wireless network using certificates EAP-TLS from Windows 10 but I can't and I don't know how to troubleshoot this.I tried to create the connection both from Manage known networks > Add, and by manually creating a new wireless...

  8. Mac user switching to Windows for the first time

    in Windows 10 Ask Insider
    Mac user switching to Windows for the first time: Hey I’m switching to windows for the first time! Need something I can game and pretty much do everything on without spending 3000$ so I’m getting a decent spec’d gaming laptop. How can I make my windows pc as user friendly as possible any extensions, programs or tips? Also...

  9. Windows 10: Microsoft Protected EAP (PEAP) - 802.1x Authentication Credentials (User...

    in Windows 10 Network and Sharing
    Windows 10: Microsoft Protected EAP (PEAP) - 802.1x Authentication Credentials (User...: We are using the Microsoft Protected EAP (PEAP) Network Authentication with CISCO ISE to authenticate endpoints in our campus. Every time after the installing updates on Windows 10 Computers, the 802.1x authentication credentials (User Authentication) saved on the clients...

  10. Single Certificate for multiple client devices for an EAP-TLS system

    in AntiVirus, Firewalls and System Security
    Single Certificate for multiple client devices for an EAP-TLS system: Hello, I am designing a system to include multiple laptops connected to a Server via an EAP-TLS capable Access Point. So I want to configure the system for EAP-TLS WAP security. There are a couple of use cases in the requirements where having unique certificates in the...