We haev the 3rd party cert tied to a hostname, which resolves to 184.108.40.206 currently, as as and when someone eventually uses 220.127.116.11 as a publically routable address, we can just to a quick DNS change and we will be unaffected.
From our field engineer's feedback, the HTTPS cert for admin and the Web-Auth cert can share the same SSL cert, the condition is that to create a record in the local DNS server, in this record, one DNS name maps to two IP addresses(Virtual Gateway IP and WLC Management IP), then use this DNS name as CN to generate the SSL cert. Currently there's no bug or potential risk found. Everything works fine.
For all the other 3 kind of certs, it seems can't share. LSC is for regenerating AP/WLC X.509 cert(mutual auth during join process), never tested it, don't know how it behaves. IPSec cert seems can be used in:
1. Radius connection(not tested, don't know which Radius server can support IPSec)
2. Secure Mobility(UDP 16667)
3. VPN termination in WLAN profile(it seems only very old versions support it, 4.0, etc)
Anyway, it seems a lot of certs needed, customers are not happy for it since they have to pay more money
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...