Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ACS - Verisign Cert - PEAP Auth - XP Clients

Hi

I am hoping to implement PEAP using a server certificate on ACS generated from a real CA like Verisign/Thawte etc to prevent having to distribute an internal root CA certificate to all clients.

I have discovered that Verisign provide a WLAN Auth certificate product , but this appears to be specificlly for IAS.

Does anybody know whether I can just generate a certificate reest from the ACS box and use any certificate , or is there a particular type I need?

Any help would be much appreciated!

Thanks

Leon

2 REPLIES
Silver

Re: ACS - Verisign Cert - PEAP Auth - XP Clients

CTA can be configured to perform machine authentication using certificates provided that the 802.1x Wired Client has been installed.Refer http://cisco.com/en/US/products/ps5923/products_maintenance_guide_chapter09186a00806870ac.html for more information.

Re: ACS - Verisign Cert - PEAP Auth - XP Clients

Yes you can generate a cert request from the ACS server and submit it to an online CA. One I've used several times with no problems is www.rapidssl.com . The whole process takes only a few minutes and a 5 year cert is about $350 which is pretty good value.

197
Views
5
Helpful
2
Replies