Well the only or best way to secure non domain computers if you need them on your internal network is to use certificates, but you would have to generate a certificate for each machine. This would be a long process.... Another way is to use an MDM for mobile devices or Cisco ISE that can push out certificates or configuration to a non domain machine for ease of authenticating using a certificate. Not cheap solutions though. Non-domain is a bit more difficult and you will not find an easy route of doing these. There are many articles, but you will just have to give it a shot.
In a perfect world/scenario the each wireless device should do a certificate request to the CA.
CA administrator sees the request and based on the device identification, signs the certificate. Then the requester gets the certificate and based on that it can authenticate to your wireless infastructure.
In most production scenarios: how does the requester establish communication with CA so he can make the request/receive the signed request if he doesn't have access to wireless?
One workaround would be that first time the requester have access to a temporary GUEST network where he does the aforementioned process. Then with all things set, the wireless requester can successfully authenticate to your target Wireless network.
To answer your questions:
- each wireless device will use its own certificate;
- if for some reason you decide not to allow one device, you just revoke its certificate.
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...