Hi, everyone! I'm rather confused and hoped that someone could help me to make the situation clear.
We want to establish a Wi-Fi net with WPA-2 Enterprise and EAP-TLS for computers and mobile devices (iPhones, Nokia Symbian, Android devices).
The connection is organised in this way: client---AP 1240---ACS 4.2---AD(server 2003)
I have 2 testing computers with Wi-Fi adapters: one is connected to the domain (has a wire connection), another has a local account, and an iPhone. I customized the settings on these computers, the iPhone, the AP and the ACS.
We have our own CA, a 2-tier PKI infrastructure. I have installed the ACS and client certificates on all the devices (by the way, they are 2048 bits in size).
I manage to connect from a computer included in the domain, but the second PC and the iPhone refuse to connect, respectively:
"EAP-TLS or PEAP authentication failed during SSL handshake".
"EAP-TLS or PEAP authentication failed due to unknown CA certificate during SSL handshake"
Also I saw in logs that "Machine authentication is not permitted" so the domain PC authenticates through user account and is mapped to a special group.
So I think the reason is that only domain devices are allowed to join the net. How can I change this thing?
Another variant is that I issue the certificates first to wired domain computers and then export them to devices not connected to the domain, so they have inappropriate credentials.
Please, if you have any thoughts about the reason for the problem, share them. I would appreciate any help.