I am attempting to configure 801.1x EAP-TLS machine authentication in the following environment:Windows XP SP2 client.Cisco 2960 SwitchCisco Secure Access Control Server for RADIUS authenticationWindows 2003 Standalone CAWhen the machine certificate is loaded into the Local Computer certificate store, I experience the following when the network cable is plugged into the Windows XP computer:- The computer receives an EAP identity request (per Wireshark dissector) from the switch.- The computer never responds to this request.- Windows XP displays the message "Windows was unable to find a certificate to log you on to the network".When I copy the same certificate from the local computer store to the current user store the whole setup works fine after being prompted to select a certificate to use.Authentication is configured on the Windows XP computer as follows:Enable 802.1x authentication for this network: CheckedEAP type: Smart card or other certificate Properties When connecting: Use a certificate on this computer Use simple certificate selection: Checked Validate server certificate: Checked Trusted certificate for Root CA issuing machine certificate: Checked Use a different user name for the connection: CheckedAuthenticate as computer when computer information is available: CheckedAuthenticate as guest when user or computer information is unavailable: ClearedAgain, the same certificate that WORKS in the CURRENT USER store,does NOT WORK in the LOCAL COMPUTER store.I assume that I am not creating the certificate correctly.Thanks.1 person needs an answerI do too

Hi PA IT,I would recommend you to call Microsoft's Professional Level Support at 1800 936 5800 or 1800 936 5900.I hope this helps.

I have roughly the same issue-If I issue a certificate to the user, then I have happy wireless but using a machine certificate I just get "unable to find certififcate to log you onto the network"I tried a million different settings and a few different client PC's. My radius server never receives an access request and I'm a bit baffled as where I can take this.Am I right in thinking the Microsoft Professional support isn't free????

Don't know about Microsoft Professional Support costs.I have seen some references in Microsoft documentation that to use machine certificates for EAP-TLS authentication that you must use auto-enrollment with an AD-integrated Enterprise CA. Yet, other documentation seems to suggest that this is not a requirement.Anyone know?

Is that a fee-based service?