Folks, greetings. We are about to go for a VoWLAN deployment and we are having a hard time deciding on what security to set on the wlan, and the authentication server. There are so many options: EAP/PEAP, EAP/LEAP, EAP/TLS, ACS, FreeRadius, NPS. Not to mention the PKI infrastructure. AD, LDAP, .... We are digging the documentation, but it seems that there is not a common sense on what is the best balance between security, performance, manageability. We have also
read that 802.1x causes problems during the roaming of the phones. Is that true? Any trick to avoid that? What is the easiest way to deploy security on this sort of environment without having an adminstrative nightmare and communications or performance issues? Can we go for Local EAP set on WLC and having only one user certificate to be rolled out on all the 7925G phones? Is it possible or is it mandatory to have as many
users certificates as phone devices? How about using the MIC preloaded on the phones; any hint on that? I have read that WPA2/PSK/TKIP is the recommended, but I don't think the customer will want to go over all the 7925Gs to change the psk in the case of a psk leakage. Of course we will go for a lab prior to the implementation. Versions envolved: WLC 7.5.102 (it will be upgraded) 7925G 18.104.22.168
Transferring Crash file from standby: Login to the Active WLC in HA.
From CLI: (Cisco Controller) >transfer upload datatype crash (Cisco
Controller) >transfer upload filename (Cisco
Controller) >transfer upload mode tftp (Cisco Controller) >transfer
This is the start of a display filter cross reference between Wireshark
and OmniPeek. The 1st installment is a table of advanced filters. More
filters will be added as time allows. It is a living doc, so check back
for changes every so often Please feel f...