802.1X Linux EAP-TLS

Vault PKI certs, dACL, UFW integration

← SECURITY | Portfolio Index

Category

SECURITY

Status

BEHIND

Premise

Zero-trust network access for Linux workstations

Goals

Automated certificate enrollment via Vault
Dynamic ACLs from ISE
UFW rules synced with dACL

Current State

Documentation complete, blocked by certificate bug

Next Steps

Fix nmcli certificate password handling
Test with modestus-aw endpoint
Document troubleshooting guide

Related Documentation

Architecture Notes

Flow: Supplicant → Switch → ISE → Vault PKI

Notes