I am sure the security gurus will chime in on the technical side but I prefer LEAP+MIC+TKIP. My goal is very good security for a wireless network but at the same time I want things to be as transparent to the user as possible. If they do LEAP against a Cisco ACS that references the domain account you get dynamic WEP keys. You can go the extra mile and enable MIC and TKIP. Cisco says this may reduce your throughput as much as 30% but I have foud the impact to be negligible. This way you get SSO and data integrity and confidentiality using a system tha, in my opinion, someone would have to be pretty good to get into your system. It lock out most of the people who would want to get in but I have yet to see a totally hack-proof system. You can also go even farther and do Broadcast key rotation but if you do that you have some workarounds regarding VLANS else the user will get locked out after the second rotation.
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...