20 Jan
2021
20 Jan
'21
11:27 a.m.
Has anyone deployed EAP-TLS in concert with BYOD? This Android 11 change that removes the ability for the user to "Do Not Validate" the CA certificate has forced us to re-evaluate our .1x PEAP solution. EAP-TLS seems like the best option, however the onboarding of user-brought devices seems tricky. With MDM or AD-joined devices pushing the certificates out are easy. In an environment where "bring your own device" is encouraged, I'm curious how network admins are making client certificate installations easy enough for end users to do. Android 11 change article for reference: https://www.xda-developers.com/android-11-break-enterprise-wifi-connection/ -- Munroe Sollog (He/Him/His) Senior Network Engineer munroe@lehigh.edu