ISE BYOD Microsoft SCEP NDES 802.1x The SCEP server returned an invalid response
Using ISE 1.2 with WLC and on-boarding with single SSID. On occasion the error 'The SCEP server returned an invalid response' is received on the IPHONE being on-boarded - this is intermittent. The issue resolves itself in time. Any ideas on troubleshooting? tnks
With 'auto-enrollment' off this would never work at all - like I said it is intermittent. We have installed the hotfix from MS and also increased the http size in the url field as per others experience. I even setup a router with a CSR to get a cert during an outage period and was successful. I need to be able to troubleshoot the issue during a failure. We setup the NDES login account as per the guidance - I need to look this up and will post.
The console logs in the IPHONE are very verbose but I am not sure what to look for during a failure - a success also has many error messages.
On the NDES server regedit EnforcePassword = 0 and still having issues.
This has been done as well;
It is possible for ISE to generate URLs that are too long for the IIS web server. In order to avoid this problem, the default IIS configuration can be modified to allow for longer URLs. Enter this command from the NDES server CLI:
%systemroot%\system32\inetsrv\appcmd.exe set config /section:system.webServer/
security/requestFiltering /requestLimits.maxQueryString:"8192" /commit:apphost
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...