Cisco Aironet APs: Client-Authentication with Certificates? - Best Practices?
We currently are happily using like 8 aironet AP's (1242ag & 1200 models) for providing a guest-WLAN for our company Headquarter.
They all run in standalone mode (root APs).
Now we are thinking about providing a second SSID that points to another VLAN, which is our company's internal LAN.
First thought was to make it authenticate against Active Directory per MS NPS. But that would have the disadvantage that usernames could also be used on the worker's private notebooks to gain access, which we don't like.
So we decided to use certificate authentication, and each notebook gets a certificate, which can also be revoked and so on.
What's the best way to implement that?
There's plenty of infos on the net, but none of it fits 100% to our needs.
Microsoft NPS can authenticate with certificates. - Can aironet APs be configured to authenticate Clients against NPS with certificates. This info i could not find anywhere.
What would be the best way to do this?
Do we need to purchase a Cisco wireless LAN controller? And set up LWAPP? This would be maybe overkill in my opinion, considering our general network size. But if this is the only possiblity we might do so.
We are moving! Please use WLCCA Forum for updates and discussions
[toc:faq] Wireless LAN Controller (WLC) Config Analyzer Download Click
here to Download To request access, send an e-mail to
firstname.lastname@example.org. Please include your Cisco.com userna...
[toc:faq] IntroductionHere is the step by step process that we have to
take care of while converting LWAPP to IOS and then vice versa..LWAPP to
IOSThe hardware used = 1141 AP (make sure we are using the right
[toc:faq] Introduction AnyConnect Secure Mobility Client 3.0: Network
Access Manager & Profile Editor on Windows Summary Use the Cisco
AnyConnect Network Access Manager Profile Editor to build custom
profiles for the AnyConnect Secure Mobility Client. App...