We currently have a deployment of a WCS, two WiSMs, some 80 APs and around 1000 Clients. They authenticate with WPA2-PEAP against two Cisco ACS Servers. The ACS have valid server certificates. The Clients use all available operating systems on the market.
I need now to replace the ACS servers with new Windows Radius servers. The new Radius servers also use new certificates from a different reseller. My tests with a test SSID have shown that I need to delete and recreate the connection profile in Windows 7, to be able to connect after the Radius change.
Any good way on how to achieve the exchange, without making to much work on the client side?
The clients are all private machines (education), so we can't really deploy anything on them.
Why can you not use the same cert from the ACS? Are your clients vailidating certs?
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin