Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Securing wireless with certificates on clients

I have a customer that wants to use certificates to authenticate clients on a wireless network.

I cant se how this is to be implemented :-)

Can someone here point me in the right direction ??

/PerB

4 REPLIES
New Member

Re: Securing wireless with certificates on clients

New Member

Re: Securing wireless with certificates on clients

I would use PEAP user authentication. It only requires a server side SSL digital certificate so don't have to visit each client. It's secure and easy to manage. You install the certificate on your authentication server.

You normally have to renew the SSL certificate and reinstall annually though.

Chuck

New Member

Re: Securing wireless with certificates on clients

Hey guys,

FYI the server certficate used in PEAP is only protecting you from connecting to a fake wireless AP with the same SSID. All you have to do is uncheck the box "validate server certificate" to bypass any certificate checks so that may not be what you are looking for. You may want to look at TLS or PEAP with TLS. I have not used either, so I don't have any first hand experience with those, but they use client based certificates so that would authenticate your client with something beyond the usual user name and password. With PEAP only, all you need is a valid user name and password. You can use most any computer to connect if you do not validate the server cert on the client.

Randy

New Member

Re: Securing wireless with certificates on clients

Thanks !

The idea is to have certs on all the clients. Usernames and passwords has to be simple in this implementation. PEAP with TLS sounds like the solution to test.

/PerB

150
Views
5
Helpful
4
Replies