We are running a WCS appliance (Upgraded from WLSE) v22.214.171.124
This is running a Linux Distro and I have found refernce to a file called ssl.conf from within httpd.conf for the SSL settings.
Within this file is the Cipher setup string which include LOW and SSLv2. I have tried removing this reference, as well as adding a ! before each statement (apparently killing this option).
When I reboot the device I check the SSL.CONF file and it remains as it. I then scan the appliance and get a report back about weak ciphers and when I next check the SSL.CONF file it have "magically" reverted back to the original file.
So does anyone know HOW I can modify this? I have tried making the file read-only which doesn't help.
You can place the WCS appliance behind an apache server and use the apache proxy function to set the ssl cipher level. I know this is a round-about way of doing it, but it provides for more control, security and customization
Inside the relevant folders there is a backup folder. By copying the changes into the file in this folder it seems to work. So from what I can fathom upon boot and service start the files are copied from the backup folder and these are the ones used for the service.
The only problem is I now need MOD_REWRITE to disable Track/Trace but the WCS didn't have this compiled.
I wish Cisco would harden their servers (well appliances really) more or at least give the administrators a way to lock these down
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...