I'm currently in the process of designing a new wireless network and am looking to do both authorization from a RADIUS server (Active Directory) and encryption using WPA. Rather than setting a pre-shared key and distributing it to all the users I would rather have the AP automatically distribute the encryption key after the user has authenticated. Is this possible? If so, which Cisco AP's support this functionality?
I don't think you can do that. You might want to think about the following (if you have all Windows clients)
- Use PEAP machine authentication and push out the config (over the wire) via GPO
- Configure a domain controller with PKI (Certificate Services) and machine auto-enrollment. Use EAP-TLS for authentication, and push out the wireless config via GPO
- Use WPA with PSK and push out the config via GPO.
The only problem is that your wireless client config would need to be pushed out over the wire (not wireless) via GPO. This also assumes that your wireless supplicant is Wireless Zero Config (and not the Intel PROset or Cisco Aironet stuff).
I'm afraid you're going to have to touch the machines one way or the other, but you can touch them remotely (via GPO) or touch the manually to configure the wireless settings.
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...