Certificates for IAS

svanguilder · ‎08-21-2007

Do I have to install the certificate from the CA on the WLC 4400? I exported a cert from our CA(someone else set that thing up and I am not totally sure it is right) and installed on a laptop and tried to get to the WLAN that I setup with 802.1x and I get no where. I do have the IAS server setup as a Radius on the WLC. All I get is "Aug 21 08:18:35.728 1x_auth_pae.c:2471 DOT1X-1-MAX_EAP_IE_RETRIES_REACHED: Reached Max EAP-Identity Request retries (21) for STA00:1b:77:25:44:cf" in the logs and nothing on the IAS server or the CA server. I am not getting a whole lot go on here.

Anyone got any idea of what is wrong here?

fynskisb16 · ‎08-21-2007

How do you have your IAS server setup? Are you running on a 2003 Domain? I'm running 6 IAS server that are DC's that talk with 8 4400 series controllers. I've had issues with IAS but I think we have it all worked out. I currently working on a doc that I can send you if you would like.

svanguilder · ‎08-21-2007

Yes I do have the IAS setup in a 2003 domain, but we are still mixed mode if that has any bearing.

I would definitely appreciate the doc you have. Email is svangui1@range.fairview.org

Thanks.

fynskisb16 · ‎08-21-2007

I'll email it to you as soon as I'm done.

svanguilder · ‎08-21-2007

Cool, thanks much!!

fynskisb16 · ‎08-21-2007

This is a work in process. Hope this helps everyone.

steve.busby · ‎08-23-2007

Nice job on your document. Much easier to follow than Microsoft's version (of course it's not Cisco WLC specific):

http://www.microsoft.com/downloads/details.aspx?familyid=60C5D0A1-9820-480E-AA38-63485ECA8B9B&displaylang=en

fynskisb16 · ‎08-23-2007

I'm working on adding the WLC to the document. It will show all the steps for 802.1x PEAP with IAS and windows clients.