I would like to ask if anyone knows of a resource that effectively spells out how to configure and use Microsoft CA services to issues valid certs for a PEAP implementation using a W2K installation of ACS 3.1, Aironet 1220 wireless access points, and the 6.x ACU. The only documentation I could find on the Cisco site is poorly lacking. My ACS TAC engineer wrote up his own documentation, but following these directions, I install only root certs, not server certs. I cannot get an authoritative answer to simple questions, such as what node gets what kind of cert, and etc.
I ran into the same issue when first attempting to configure PEAP. I also received some PEAP configuration documents from TAC which was pretty straightforward but I also ran into some "gotchas" with it. The way that I configured the CA server was as a Standalone Root CA, generated a private key using ACS, and then pasted the private key generated from the ACS server into the Advanced Certificate Request Form as a Base64 Encoded Certificate Request so I could then download and install the issued certificate to the ACS server. Once that was completed, I configured my APs and then generated the client certificates and installed them for the clients. One of the big "gotchas" that I ran into was concerning the supplicants (clients). Windows 2K clients must install a Microsoft "Hot-Fix" or patch in order to select the authentication type with their Network Properties and select specific certificate settings. I've got some documentation on this, if you would like for me to pass it along.
Transferring Crash file from standby: Login to the Active WLC in HA.
From CLI: (Cisco Controller) >transfer upload datatype crash (Cisco
Controller) >transfer upload filename (Cisco
Controller) >transfer upload mode tftp (Cisco Controller) >transfer
This is the start of a display filter cross reference between Wireshark
and OmniPeek. The 1st installment is a table of advanced filters. More
filters will be added as time allows. It is a living doc, so check back
for changes every so often Please feel f...