I have a wireless setup in my company and i would like to know how can i setup so that when somebody is trying to access the wireless private SSID it authenticates the client first (Laptop) and make sure it's part of AD and then the user .
Could you give us some more details around your clients and the wireless network config?
Generally speaking, you want to enable Machine auth with User Auth. Assuming you are already doing PEAP user auth with Windows clients running Wireless Zero Config, and ACS 4.2 performing your RADIUS authentication, then you'll want to do the following:
- Configure the wireless profile on the PC to include machine auth: On the Authentication Tab of the wireless profile, simply check/tick the "Authenticate as computer when computer information is available"
- On the ACS 4.2, enable machine auth, and perhaps Machine Access Restriction, in the windows database config section. Read the Cisco documentation very carefully about how MAR works to ensure it meets your needs.
The ACS guide also has a good section on enabling machine auth on Windows machines.
Transferring Crash file from standby: Login to the Active WLC in HA.
From CLI: (Cisco Controller) >transfer upload datatype crash (Cisco
Controller) >transfer upload filename (Cisco
Controller) >transfer upload mode tftp (Cisco Controller) >transfer
This is the start of a display filter cross reference between Wireshark
and OmniPeek. The 1st installment is a table of advanced filters. More
filters will be added as time allows. It is a living doc, so check back
for changes every so often Please feel f...