All Topics » Pulse Policy Secure

Client Certificate Authentication

Contributor (11)
Feb 28, 2014 9:27am

Hi Guys,


I want to use MAG as radius server for user autentication like this below diagram :


laptop/Mobile device (ipad) ----Accesspoint/Controller------MAG (as radius) using local DB.


scenario 1: 

user connect via wireless AP (in controller will set MAG as radius for auhentication).

example user using ipad connect via wireless/wifi SSID test and will prompt to insert username and password,

user input username & password correct then connect to wireless (this is worked).


scenario 2: 

what about when user connnect via wifi and want to use client certificate for authentication ?

I tried using client certificate for authentication but user failed to login to wifi (in mag user access log said that reject userx ....., missing or invalid certificate).


I want to know how to setup certificate authentication for client ?

Hope you can help me guys.


Thanks guys.


Contributor (11)
Mar 2, 2014 10:56pm

Hi Andre,


Can you ensure that you have right EAP dot1x protocols enabled on the client device, along with right CA & client certficates uploaded and enabled in client device.




    Contributor (11)
    Mar 3, 2014 8:16am

    Hi Kannan,


    Thank you for your responsse.


    in ipad using EAP-TLS and in mag also enable for this protocol.

    does it have to use junos pulse on ipad to do certificate authentication or just can use wifi connection only?


    and how to create CA and client certificate ?