I am using an ISE service to authenticate my mobile devices (PEAP through WLC), but we havn't an internal PKI. To solve this fact, i'm dealing with a public certificate provider to get a public certificate for a public domain i'm owning.
The CSR include a public name as CN (auth.mydomain.net), and the private name of the server as SAN (ise01.localdomain.ve), but the public certificate provider answers me that the "ve" extension is the public extension for Venezuela, so he cannot generate this SAN certficate if I don't own this public "localdomain.ve" domain...
My question is the following : I know we can specify IP on the SAN field, but do you think I can specify only the private IP address, without DNS name ? In other words, do you think that ISE can accept a certificate with a public name as CN and only its private IP address as SAN ?
Subject Alternative Names let you protect multiple host names with a single SSL certificate.
Subject Alternative Names allow you to specify a list of host names to be protected by a single SSL certificate. Secure host names on different base domains in one SSL Certificate. A wildcard certificate can protect all first-level subdomains on an entire domain, such as *.example.com. But a wildcard cannot protect both www.example.com and www.example.net.
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...