How To 802.1X EAP-TLS?? HELP pls

Darkness89 · February 27, 2020, 8:32am

Hi Guys.

Im looking for some manual or documentation about how to configure Mikrotik for use it with EAP-TLS and Active Directory.

· I have installed the Radius server and the Certification Authority in the Active Directory.
· I have created the certificate and the security policy.
· I have created the NPS network policy.

I have managed to run the Mikrotik as an access point by logging in using Username / Password like a simple 802.1X Eap.
I can do it configuring Mikrotik like this:

But I need that demand me the certificate from the client side (802.1x EAP-TLS).
If I’m try to change EAP method from passthrough to EAP-TLS, I can’t establish a connection.

When I try to connect, it ask me for credentials of user/passw and When I enter it, then ask me again for a password..
On the Mikrotik logs I can see it:

What I should do for make it work??

If need some documentation more about it (Active Directory, Cert. Authority, NPS..) just tell me.
Thanks guys.

Darkness89 · February 27, 2020, 12:45pm

I’m try some changes without succesfull result..

I add the “Suplicant Identity” with the same name of the CN. But did not work.

I also tried to upload the certificate in extension .CER and .KEY, but it didn’t work either..

I don’t know what else to try, since without a certificate I connect well with credentials. That means that it connects the network policy and the active directory well

Darkness89 · February 28, 2020, 6:51am

No one knows anything?
There is no documentation about it?

rrmcguire · March 31, 2024, 4:03pm

Was there ever a resolution on this? I’m having the same issue

Thanks