Is peap the only authentication method i can use for radius wireless clients?
We have 3 guest APs that i wanted to use radius user/pass authentication for (save me having to roatate 3 guest aps psks every few months ad for future growth).
so were using NPS on server 2012r2 for authentication.
My relevant config is as per below:-
aaa group server radius GUEST_SERVER
server 192.168.1.2 auth-port 1812 acct-port 1813
aaa authentication login default local
aaa authentication login NO_LOGIN none
aaa authentication login guest_eap group GUEST_SERVER
aaa authorization exec default local
aaa session-id common
ip domain name guest.local
ip dhcp excluded-address 192.168.1.1 192.168.1.10
ip dhcp excluded-address 192.168.1.128 192.168.1.254
dot11 ssid WGLAN
authentication open eap guest_eap
authentication network-eap guest_eap
authentication key-management wpa version 2
This works apart from users get prompted to accept the guestservers certificate, ive only tested this on IOS at the moment too. ive heard that with win7 we have to import the cert to the users local store and change network profile settings. this is way too much config for a guest who may only know how to use powerpoint etc...
so my question is, is there another way i can authenticate wireless users via user/pass or pass using radius where its as simple as possible (i.e as simple as using a psk)
Transferring Crash file from standby: Login to the Active WLC in HA.
From CLI: (Cisco Controller) >transfer upload datatype crash (Cisco
Controller) >transfer upload filename (Cisco
Controller) >transfer upload mode tftp (Cisco Controller) >transfer
This is the start of a display filter cross reference between Wireshark
and OmniPeek. The 1st installment is a table of advanced filters. More
filters will be added as time allows. It is a living doc, so check back
for changes every so often Please feel f...