Forum Discussion
F5, Cisco ISE and EAP-TLS
Hi,
We are in the process of migrating our ISE infrastructure(AAA servers) from cisco ACE to F5.
We followed Craig Hyps document for the configuring F5 LB. https://www.cisco.com/c/dam/en/us/td/docs/security/ise/how_to/HowTo-95-Cisco_and_F5_Deployment_Guide-ISE_Load_Balancing_Using_BIG-IP.pdf
All looks ok except EAP-TLS authentication. (PEAP user/computer works fine)
In the document there is nothing special mentioned that needs to be done for TLS.
I think it may be related to fragmentation but not sure.
I can also add here that if we point the NAD's to the PSN directly it works.
The problem is only when we use the VIP.
(PEAP work with the VIP also)
Do you know if something special needs to be done on the F5 for EAP-TLS to work.
Any information or hint is appreciated.
Thanks, Laszlo
- Gajena_221973NimbostratusHi Guys, I have a similar issue with TLS not working via VIP, did you able to solve this? Thanks Gaj
- i see nowhere any remark about special requirement for EAP-TLS. https://devcentral.f5.com/s/feed/0D51T00006i7R56SAE why do you suspect fragmentation is involved? could you post your virtual server config?
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com