Replace Radius Certificate, best way?

Unanswered Question
Aug 6th, 2010


We currently have a deployment of a WCS, two WiSMs, some 80 APs and around 1000 Clients. They authenticate with WPA2-PEAP against two Cisco ACS Servers. The ACS have valid server certificates. The Clients use all available operating systems on the market.

I need now to replace the ACS servers with new Windows Radius servers. The new Radius servers also use new certificates from a different reseller. My tests with a test SSID have shown that I need to delete and recreate the connection profile in Windows 7, to be able to connect after the Radius change.

Any good way on how to achieve the exchange, without making to much work on the client side?

The clients are all private machines (education), so we can't really deploy anything on them.



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
patoberli Sun, 08/08/2010 - 23:38

The servers have new hostnames, so the Certs would be probably not anymore valid.

If you add the Wlan to Windows7 by selecting it and click connect, it will automatically put the Validate Option on.

I guess I won't come around to inform the users to delete and recreate the connection.


This Discussion



Trending Topics - Security & Network