Unable to get backup Self-sign Certificate to Authenticate Wireless Users
I currently am running a primary/backup ACS server to authenticate my wireless users. PEAP is the authentication method. I generated a self-sign certificate on both the primary and backup ACS servers and primary works fine. When I stop services on the primary I see users fail to the backup but on my test machine which has the secondary certificate loaded it will not authenticate.
I submitted a package.cab file to TAC and they couldn't even see my machine hit the ACS server.
Re: Unable to get backup Self-sign Certificate to Authenticate W
Perhaps you should eliminate the certificate as being a potential part of the problem. On your wireless client, disable the server certificate check.
You might also want to try setting your secondary server as the PRIMARY server to see if it is authenticating properly. You should also check the ACS logs to ensure that things like mis-configured shared secrets aren't the real cause of your problem.
Also - is the wireless client timing out before your wireless network/ACS combo have figured out that the primary ACS server is offline?
Transferring Crash file from standby: Login to the Active WLC in HA.
From CLI: (Cisco Controller) >transfer upload datatype crash (Cisco
Controller) >transfer upload filename (Cisco
Controller) >transfer upload mode tftp (Cisco Controller) >transfer
This is the start of a display filter cross reference between Wireshark
and OmniPeek. The 1st installment is a table of advanced filters. More
filters will be added as time allows. It is a living doc, so check back
for changes every so often Please feel f...