802.1X Linux

Project Summary

Field Value

Field	Value
PRJ ID	PRJ-SPOKE-001
Owner	Evan Rosado
Priority	P1 (High)
Status	Active
Repository	`~/atelier/_bibliotheca/domus-ise-linux`
Antora Component	`ise-linux`
Antora Title	DOMUS ISE Linux
Category	Network Security
2026 Commits	171
Site URL	docs.domusdigitalis.dev/ise-linux/

PRJ ID

PRJ-SPOKE-001

Owner

Evan Rosado

Priority

P1 (High)

Status

Active

Repository

~/atelier/_bibliotheca/domus-ise-linux

Antora Component

ise-linux

Antora Title

DOMUS ISE Linux

The ISE Linux component documents the complete methodology for deploying 802.1X EAP-TLS authentication on Linux workstations against Cisco ISE. This is the largest ISE-focused spoke in the ecosystem, covering PKI certificate enrollment via HashiCorp Vault, NetworkManager 802.1X supplicant configuration, Active Directory integration, ISE policy set design, and posture compliance.

The documentation serves as both a production runbook for CHLA and a reference implementation for any enterprise deploying Linux 802.1X with ISE.

Scope

In Scope

EAP-TLS certificate lifecycle (enrollment, renewal, revocation) via Vault PKI
NetworkManager wpa_supplicant 802.1X configuration
Active Directory join and SSSD integration for Linux endpoints
ISE policy set design: authentication, authorization, posture
Downloadable ACLs (DACLs) and authorization profiles
Multi-workstation deployment (Razer, Alienware, ThinkPad P50)
Switch-side IBNS 2.0 / C3PL configuration
VyOS firewall integration for segmented VLAN access
Troubleshooting guides (RADIUS, certificate, posture failures)

Out of Scope

Windows 802.1X (covered by ise-windows)
Wireless 802.1X (covered by ise-ops)
ISE cluster administration (covered by ise-ops)
General Linux administration (covered by linux-ops)

Status

Indicator	Detail
Activity Level	Active — 171 commits, consistent development
Maturity	Production — extensive attribute system (394 attributes), comprehensive nav
Last Activity	Ongoing 2026
Key Milestone	VyOS HA firewall integration (replaced pfSense, March 2026)
Deployment Status	Live in home lab, methodology validated for CHLA

Indicator

Detail

Activity Level

Active — 171 commits, consistent development

Maturity

Production — extensive attribute system (394 attributes), comprehensive nav

Last Activity

Ongoing 2026

Key Milestone

VyOS HA firewall integration (replaced pfSense, March 2026)

Deployment Status

Live in home lab, methodology validated for CHLA

Metadata

Field	Value
PRJ ID	PRJ-SPOKE-001
Author	Evan Rosado
Date Created	2026-03-30
Last Updated	2026-03-30
Status	Active
Next Review	2026-04-15

Field

Value

PRJ ID

PRJ-SPOKE-001

Author

Evan Rosado

Date Created

2026-03-30

Last Updated

2026-03-30

Status

Active

Next Review

2026-04-15