is it possible to replace the standard lwapp ssc against one of our company CA-certificates to allow the wlc to check the correctness of the aps certificate ? (button under security/aaa/ap policies -> Authorize AP agains aaa on the wlc) Is there maybe any guide, which i can't find on cisco.com ? :) When iam connected to the lwapp via console i can see or modify the sscs.
The WLC is hard coded with certificates from Cisco, as are Cisco Access Points. The two devices mutually authenticate each other using these (x.509) certificates, and there's nothing you can do about that I'm afraid - any Cisco WLC will always trust any Cisco AP.
If your approach is from the perspective of preventing unauthorised Cisco APs from connecting to your WLC, then you can use the AAA feature you mention.
Transferring Crash file from standby: Login to the Active WLC in HA.
From CLI: (Cisco Controller) >transfer upload datatype crash (Cisco
Controller) >transfer upload filename (Cisco
Controller) >transfer upload mode tftp (Cisco Controller) >transfer
This is the start of a display filter cross reference between Wireshark
and OmniPeek. The 1st installment is a table of advanced filters. More
filters will be added as time allows. It is a living doc, so check back
for changes every so often Please feel f...
I have created a Powershell script to automatically add a Wireless Guest
User on Cisco WLCs. (tested on 2500 Series) The script should be
completely self explanatory. Prerequisites: Powershell SNMP Module
(Install-Module -Name SNMP) SNMP Write Access to y...