cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
325
Views
1
Helpful
2
Replies

5508 web authentication

rjevans2014
Level 1
Level 1

I am trying to setup 802.1x authentication in my network. I have a 5508 WLC and am using Microsoft NPS as my Radius server. I would like to be able to use a splash page after a PEAP authentication to show our Acceptable Use Policy, but I can't get it to work. I am now trying to get layer 3 web authentication to work, but I can't get my certificate to install on the controller. I have compiled my unchained certificate according to cisco.com's procedure, but installation fails every time. Any help would be great.

 

2 Replies 2

vinodjad1234
Level 2
Level 2

Hi,

 

Please refer below link to install certificate on controller :

 

http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/70584-csr-wlc-00.html

 

 

Vinodjad,

 

I followed the tutorial that you posted and just as before I am running into the same problem. I thought that it might have something to do with openssl and the common name configuration at the beginning of the tutorial, but I believe I have followed those steps correctly. I suppose it could have something to do with Microsoft CA. 

 

Any ideas?

 

Thanks,

 

 

 

(Cisco Controller) >debug pm pki enable

 

(Cisco Controller) >transfer download start

 

Mode............................................. TFTP  

Data Type........................................ Site Cert     

TFTP Server IP................................... omitted

TFTP Packet Timeout.............................. 6

TFTP Max Retries................................. 10

TFTP Path........................................ /

TFTP Filename.................................... wlc-final3.pem

 

This may take some time.

Are you sure you want to start? (y/N) y

 

TFTP Webauth cert transfer starting.

 

TFTP receive complete... Installing Certificate.

*TransferTask: Apr 24 14:07:11.971: sshpmCheckWebauthCert: Verification return code: 0

 

*TransferTask: Apr 24 14:07:11.971: Verification result text: unable to get local issuer certificate

 

*TransferTask: Apr 24 14:07:11.971: Error at 0 depth: unable to get local issuer certificate

 

*TransferTask: Apr 24 14:07:11.977: sshpmAddWebauthCert: Error decoding certificate, Deleting it.

 

Error installing certificate.

 

 

(Cisco Controller) >debug pm pki disable   

 

(Cisco Controller) >debug transfer all enable

 

(Cisco Controller) >transfer download start  

 

Mode............................................. TFTP  

Data Type........................................ Site Cert     

TFTP Server IP................................... omitted

TFTP Packet Timeout.............................. 6

TFTP Max Retries................................. 10

TFTP Path........................................ /

TFTP Filename.................................... wlc-final3.pem

 

This may take some time.

Are you sure you want to start? (y/N) y

*sshpmLscTask: Apr 24 14:07:50.361: sshpmLscTask: LSC Task received a message 4 

*TransferTask: Apr 24 14:08:31.723: Memory overcommit policy changed from 0 to 1

 

*TransferTask: Apr 24 14:08:31.723: RESULT_STRING: TFTP Webauth cert transfer starting.

 

*TransferTask: Apr 24 14:08:31.723: RESULT_CODE:1

 

 

TFTP Webauth cert transfer starting.

*TransferTask: Apr 24 14:08:35.725: Locking tftp semaphore, pHost=omitted pFilename=/wlc-final3.pem

 

*TransferTask: Apr 24 14:08:35.809: Semaphore locked, now unlocking, pHost=omitted pFilename=/wlc-final3.pem

 

*TransferTask: Apr 24 14:08:35.809: Semaphore successfully unlocked, pHost=omitted pFilename=/wlc-final3.pem

 

*TransferTask: Apr 24 14:08:35.837: TFTP: Binding to remote=omitted

 

*TransferTask: Apr 24 14:08:35.845: TFP End: 3032 bytes transferred (0 retransmitted packets)

 

*TransferTask: Apr 24 14:08:35.845: tftp rc=0, pHost=omitted pFilename=/wlc-final3.pem

                                                                                                 pLocalFilename=cert.p12

 

*TransferTask: Apr 24 14:08:35.845: RESULT_STRING: TFTP receive complete... Installing Certificate.

 

*TransferTask: Apr 24 14:08:35.845: RESULT_CODE:13

 

 

TFTP receive complete... Installing Certificate.

*TransferTask: Apr 24 14:08:39.849: Adding cert (3008 bytes) with certificate key password.

 

*TransferTask: Apr 24 14:08:39.869: RESULT_STRING: Error installing certificate.

 

 

*TransferTask: Apr 24 14:08:39.869: RESULT_CODE:12

 

*TransferTask: Apr 24 14:08:39.869: Memory overcommit policy restored from 1 to 0

 

 

Error installing certificate.

 

 

(Cisco Controller) >

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: