- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
09-21-2011 11:37 AM
Hey All; For WI-FI Customers that want to perform EAP-TLS authentication is there any way we can use the global protect agent as a supplicant to a Wireless or Wired Access point? maybe taking their local credentials from Windows, then proxy the auth to a RADIUS server in the back-end through the firewall?
09-26-2011 12:01 AM
No you can't.
A workarround would be to replace the wifi authentication with user-authentication on the PAN.
10-11-2011 12:35 PM
While you can't use it as a EAP-TLS supplicant. The agent can allow encrypted connections in with captive portal as you mentioned.
When you do use EAP-TLS and a certifiate or PEAP with Windows we did figure out a way to use the reporting from the wireless (Aruba/Cisco) into the accounting records as long as they used a RADIUS server.
01-17-2012 11:00 AM
We have modified our companion product to support this for anyone looking to authenticate over EAP-TLS with certifcates and put the identity into the Firewall we can support this integration. www.spyders.ca.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!