Guest Access Certificates with Multiple Controllers

Answered Question
Mar 18th, 2010
User Badges:
  • Silver, 250 points or more

So I have an interesting scenario to run by the group, I haven't done this but was wondering if anyone else had tried it.


Scenario: is 5 WLC's running 6.0.188.0, One guest SSID, and One H-REAP guest SSID.


WLC#1: SNMP Name is WLC01, Virtual Interface DNS Name is GWLC.somewhere.com, Virtual Interface IP is 1.1.1.1

WLC#2: SNMP Name is WLC02, Virtual Interface DNS Name is GWLC.somewhere.com, Virtual Interface IP is 1.1.1.1

WLC#3: SNMP Name is WLC03, Virtual Interface DNS Name is GWLC.somewhere.com, Virtual Interface IP is 1.1.1.1

WLC#4: SNMP Name is WLC04, Virtual Interface DNS Name is GWLC.somewhere.com, Virtual Interface IP is 1.1.1.1

WLC#5: SNMP Name is WLCDMZ, Virtual Interface DNS Name is GWLC.somewhere.com, Virtual Interface IP is 1.1.1.1



So part 1 of my question is does the above configuration cause any issues with the controllers?



Part 2 of my question is can you request a single SSL certificate for the hostname GWLC.somewhere.com and install it on all the controllers?


The reason for having the certificate on all the controllers is because of the H-REAP Locally Switched SSID.


Anyone have experience with this, input, thoughts?


Thanks.

Correct Answer by dancampb about 7 years 1 week ago

Yes, when you setup the controllers like that you can use the same cert on every controller.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer
dancampb Thu, 03/18/2010 - 08:48
User Badges:
  • Cisco Employee,

Yes, when you setup the controllers like that you can use the same cert on every controller.

Kayle Miller Thu, 03/18/2010 - 08:51
User Badges:
  • Silver, 250 points or more

Dan,


     Thanks for the response, have you done this configuration before? Just curious.


Thanks,


Kayle

dancampb Thu, 03/18/2010 - 08:54
User Badges:
  • Cisco Employee,

I have seen TAC cases come in on this exact setup.

weterry Sat, 03/20/2010 - 21:57
User Badges:
  • Silver, 250 points or more

I too have seen numerous cases on this.

Bottom line is that as long as your HREAP Guests can resolve GWLC.somewhere.com through DNS (as 1.1.1.1), then this should work.

Actions

This Discussion

 

 

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode