When using PEAP does the certificate that you are using have to be a "real" certificate (i.e. purchased from a CA like Verisign) or can you use a certificate created by the certificate manager in Win2k Server?
Protected EAP (or PEAP)PEAP authentication is designed to support One-Time Password (OTP), Windows NT or 2000 domain, and LDAP user databases over a wireless LAN. It is based on EAP-TLS authentication but uses a password or PIN instead of a client certificate for authentication. PEAP is enabled or disabled through the operating system and uses a dynamic session-based WEP key, which is derived from the client adapter and RADIUS server, to encrypt data. If your network uses an OTP user database, PEAP requires you to enter either a hardware token password or a software token PIN to start the EAP authentication process and gain access to the network. If your network uses a Windows NT or 2000 domain user database or an LDAP user database (such as NDS), PEAP requires you to enter your username, password, and domain name in order to start the authentication process.
for more details on configuration check the following URL
You do NOT have to use a purchased certificate for PEAP to function. However, the PEAP client must be able to validate the Certificate chain. Once option which I used for testing was to install Microsoft CA (standalone root) and then submit the CSR from ACS to the CA. Once the CA has accepted the CSR, the user must download the certificate to the ACS server and install it. In order for the client to verify the the Certificate chain, the root CA certificate (optained from the Microsoft standalone root CA that you installed) must be installed on ALL clients that wish to be authenticated using PEAP.
Transferring Crash file from standby: Login to the Active WLC in HA.
From CLI: (Cisco Controller) >transfer upload datatype crash (Cisco
Controller) >transfer upload filename (Cisco
Controller) >transfer upload mode tftp (Cisco Controller) >transfer
This is the start of a display filter cross reference between Wireshark
and OmniPeek. The 1st installment is a table of advanced filters. More
filters will be added as time allows. It is a living doc, so check back
for changes every so often Please feel f...