We are running Cisco 1200 Access points authenticating to ACS 3.3 using PEAP authentication with both user and machine authentication. The clients are XP and have the KB885453 patch loaded.
The issue is that when a machine is powered on the machine authentication processes fine and the user authentication is successfull. The issue is that after the machine is left connected or left unattended for an hour or two you come back and you have lost connectivity and the ACS logs say DB user access denied(machine access restriction). If the user reboots the computer it is fine again.
In ACS under global authentication setup I have fast reconnect enabled and currently the PEAP session timeout set to 0. The recommendation was that the PEAP session timeout be set to longer than your workday and I had it set to 10 hours but it had the same affect. Can anyone tell me a recommended configuration where the machine authentication is maintained throughout a workday or overnight. I would think that if it times out that it would attempt to reauthenticate if a user tries to login or come out of suspend. I would really like to keep machine authentication if possible.
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...