I am testing the 802.1x Enforcement functionality using the EAP-TLS method.
My test environment is as given below:
NPS server, Subordinate Root CA ----> Windows Server 2008
Domain Controller ----> Windows 2003
Root CA ----> Windows 2003
Authenticator ----> 802.1x Switch
Client ----> Windows Vista
The problem status is that, in the EAP-TLS method, the NPS server is sending the Finish message, then the response of EAP, and after that EAP-Failure. (The 802.1x switch is receiving a Radius-Reject message from the NPS server.)
I need help on the following:
1) Could anybody suggest any tutorial or step-by-step guide for 802.1 enforcement using the EAP-TLS method?
2) The Windows Vista client is using the certificate at the time of registration; that certificate is published by the Enterprise root CA of Active Directory. Could anyone teach me what the importance of the certificate (issued by the Standalone CA on the NPS server to the Vista client) is in the EAP-TLS method?
3) The Radius-Reject message received by the 802.1x switch has the following setting in the VSA code:
length = 6 type = 54 value = 1
RFC 2548 does not contain this type VSA code setting. Could anyone teach me what the meaning of this code is? I cannot understand the reason for the failure of the certificate because of this data. Kindly help me in this regard.
Thanks for reading my question.
Regards
Brijesh Shukla