Avalanche powered by Wavelink

Home 

This page refers to an older version of the product.
View the current version of the User Guide.

Setting Up Certificate Authentication

As part of the initial setup process for certificate management, you need to establish certificate authentication policies. When a network policy with EAP-TLS encryption is created and deployed in Avalanche, it requires certificate authentication between the device and server. To enable this communication, you need to make additional changes to the machine currently running your SCEP server.

If you have not already configured the SCEP server, see Configuring the SCEP Server.

The Network Policy Server application should be set up with the following configurations in Policies > Network Policies:

Network policy for WiFi access enabled

Conditions set for any desired user groups (e.g., AVA\Domain Users)

To configure certificate authentication:

1.From the Certification Authority Server application, right-click on Certificate Templates in your certificate authority server and click Manage.

2.Right-click on IPSec (Offline request) and click Duplicate Template.

3.On the General tab, enter a Template display name.

4.On the Security tab, select Administrator as the managing user.

5.On the Extensions tab, select the Application Policies extension and click Edit.

6.Click Add.

7.Select Client Authentication and IP security IKE intermediate.

8.Click OK to apply all changes to the template.

9.Right-click on Certificate Templates again and select New > Certificate Template to Issue.

10.Select the template you just created and click OK.

11.Launch the Registry Editor and navigate to the MSCEP folder.

12.Enter the name of your certificate template as the Data for the following registries:

EncryptionTemplate

GeneralPurposeTemplate

SignatureTemplate

The server is configured to authenticate certificates.

Once this step is complete, you can begin working in Avalanche to integrate the service with your certificate server, starting with entering SCEP credentials in System Settings. For more information, see Configuring General System Settings.

This page refers to an older version of the product.
View the current version of the User Guide.

The topic was:

Inaccurate

Incomplete

Not what I expected

Other

Copyright © 2017, Ivanti. All rights reserved.

Terms of Use