802.1x Certificates

[Guest]

I am trying to enable 802.1x autentication for my network but when I try to
connect to the network it says "Windows could not find a certificate to log
you on". I have set up a CA and RADIUS server and they seem to be working
fine. I have set a computer certificate to be deployed using auto-enrollment
and I have verified that computers are receiving the computer certificate. I
have set the 802.1x authentication options on the client computers to
authenticate using computer information when available. When I request a
user certificate and try to authenitcate it works fine, but when I delete the
user cert and still have the computer cert, it fails. It seems like Windows
is not even looking at the computer certificates when it decides what cert to
send in for authentication. Any ideas? I have been pulling my hair out and
I cant figure this one out. Any help would be greatly appreciated.

 

[Guest]

I am designing a Secure 802.1x solution. We are using PEAP authentication
(this is normally used when implementing an 802.1x solution) where you do not
need a certificate install on the client machine. (We are testing secure
machine authentication) Once your root CA is setup on your server, you must
create a sub-certficate under the root. We are running Cisco Secure ACS with
RADIUS and linking it to our WIN servr's active directory. What type of setup
do you have, I might be able to help you eliminate the pitfalls of the whole
802.1x certificate issue that took us 2 weeks to figure out.