I'm trying to configure a 1242 AG Access Point (configured as a Workgroup Bridge) with EAP-Fast using in-band authentication and requiring certificate for provisioning. I have a certificate and all required options checked on ACS 4.1 Server side, and a trustpoint defined on AP side, but I always get a handshake failure.
Although, using EAP-Fast anonymous in-band is working, and using EAP-TLS with the these certificates works too.
So I finally ask this question : as someone ever configured a 1242 AG Access Point as a client to use EAP-Fast PAC provisioning based on certificates, and is there some undocumented trick that I've missed ?
Thanks for the link to the document. I've checked out all the options and they are ok, but the TLS(PKI) phase 0 is not mentioned, and it still stop working as soon as I disable the anonymous authentication. I guess I should try with a laptop client (actually the goal is to connect a small network to the main network where the radius server is, using 2 access points), just to be sure of my ACS configuration.
Transferring Crash file from standby: Login to the Active WLC in HA.
From CLI: (Cisco Controller) >transfer upload datatype crash (Cisco
Controller) >transfer upload filename (Cisco
Controller) >transfer upload mode tftp (Cisco Controller) >transfer
This is the start of a display filter cross reference between Wireshark
and OmniPeek. The 1st installment is a table of advanced filters. More
filters will be added as time allows. It is a living doc, so check back
for changes every so often Please feel f...
I have created a Powershell script to automatically add a Wireless Guest
User on Cisco WLCs. (tested on 2500 Series) The script should be
completely self explanatory. Prerequisites: Powershell SNMP Module
(Install-Module -Name SNMP) SNMP Write Access to y...