Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Client Certificate Authentication

andre_
Contributor
‎02-28-2014 09:27:AM
‎02-28-2014 09:27:AM

Client Certificate Authentication

Hi Guys,

 

I want to use MAG as radius server for user autentication like this below diagram :

 

laptop/Mobile device (ipad) ----Accesspoint/Controller------MAG (as radius) using local DB.

 

scenario 1: 

user connect via wireless AP (in controller will set MAG as radius for auhentication).

example user using ipad connect via wireless/wifi SSID test and will prompt to insert username and password,

user input username & password correct then connect to wireless (this is worked).

 

scenario 2: 

what about when user connnect via wifi and want to use client certificate for authentication ?

I tried using client certificate for authentication but user failed to login to wifi (in mag user access log said that reject userx ....., missing or invalid certificate).

 

I want to know how to setup certificate authentication for client ?

Hope you can help me guys.

 

Thanks guys.

 

0 Kudos
3 REPLIES 3
kalagesan_
Super Contributor
‎03-02-2014 10:56:PM
‎03-02-2014 10:56:PM

Re: Client Certificate Authentication

Hi Andre,

 

Can you ensure that you have right EAP dot1x protocols enabled on the client device, along with right CA & client certficates uploaded and enabled in client device.

 

Regards,

Kannan

0 Kudos
andre_
Contributor
‎03-03-2014 08:16:AM
‎03-03-2014 08:16:AM

Re: Client Certificate Authentication

Hi Kannan,

 

Thank you for your responsse.

 

in ipad using EAP-TLS and in mag also enable for this protocol.

does it have to use junos pulse on ipad to do certificate authentication or just can use wifi connection only?

 

and how to create CA and client certificate ?

 

Thanks

 

0 Kudos
kalagesan_
Super Contributor
‎03-03-2014 11:01:PM
‎03-03-2014 11:01:PM

Re: Client Certificate Authentication

Hi Andre,

 

No junos pulse needed on ipad, infact we dont have a junos pulse client for ipad in UAC, we only junos pulse client for SA SSL VPN connection.

 

Please use your ipad  wifi profile only, please ensure that you have uploaded the client ( user certficate ) on to the ipad, you can download the client certs & the server CA  either by importing if from a email or hyperlink in your ipad device.

 

Ensure that you have the right user certficate selected in identity section on the respectrive WIFI profile with EAP-TLS enabled.

 

Hope this helps.

 

 


Note: If I have answered your questions, you could mark this post as accepted solution, that way it could help others as well. Kudo will be a bonus thanks!

Regards,
Kannan

0 Kudos
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.