https://community.cisco.com/t5/wireless/certificate-between-access-point-and-wireless-client/m-p/2236039#M126638 <HTML><HEAD></HEAD><BODY><P>that is true, I am using RADIUS server for the authentications ; we are useing WPA2/WPA1 </P><P></P><P>Thanks for the greate information </P></BODY></HTML> Wed, 15 May 2013 10:30:35 GMT csco11030279 2013-05-15T10:30:35Z https://community.cisco.com/t5/wireless/certificate-between-access-point-and-wireless-client/m-p/2236037#M126636 <P>Hi;</P><P></P><P>is there anyway to configure a certificate between the wireless AP and clients to secure my username and the password.</P><P></P><P>my setup is WLC5508/AP1142/ACS5.4 </P><P></P><P>I need the client to trust&nbsp; the certifcate before entering the UN/PW </P> Sun, 04 Jul 2021 07:04:24 GMT https://community.cisco.com/t5/wireless/certificate-between-access-point-and-wireless-client/m-p/2236037#M126636 csco11030279 2021-07-04T07:04:24Z https://community.cisco.com/t5/wireless/certificate-between-access-point-and-wireless-client/m-p/2236038#M126637 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>It what authentication are you using?&nbsp; If you are using a RADIUS server typically the certificate will be installed on the RADIUS server.</P><P></P><P>Let me know and we should be able to work it out.</P><P></P><P>Cheers</P><P>Chris</P></BODY></HTML> Wed, 15 May 2013 09:37:48 GMT https://community.cisco.com/t5/wireless/certificate-between-access-point-and-wireless-client/m-p/2236038#M126637 Chris Illsley 2013-05-15T09:37:48Z https://community.cisco.com/t5/wireless/certificate-between-access-point-and-wireless-client/m-p/2236039#M126638 <HTML><HEAD></HEAD><BODY><P>that is true, I am using RADIUS server for the authentications ; we are useing WPA2/WPA1 </P><P></P><P>Thanks for the greate information </P></BODY></HTML> Wed, 15 May 2013 10:30:35 GMT https://community.cisco.com/t5/wireless/certificate-between-access-point-and-wireless-client/m-p/2236039#M126638 csco11030279 2013-05-15T10:30:35Z https://community.cisco.com/t5/wireless/certificate-between-access-point-and-wireless-client/m-p/2236040#M126639 <HTML><HEAD></HEAD><BODY><P>That's fine then, the certificate gets installed on your RADIUS server.</P><P></P><P>Register it in DNS make sure you have the trusted roots intalled and you should be good to go.</P><P></P><P>Thanks</P><P>Chris</P><P></P><P></P><P>Edit:&nbsp; It's simple enough to generate the CSR in ACS 5.</P></BODY></HTML> Wed, 15 May 2013 10:32:17 GMT https://community.cisco.com/t5/wireless/certificate-between-access-point-and-wireless-client/m-p/2236040#M126639 Chris Illsley 2013-05-15T10:32:17Z https://community.cisco.com/t5/wireless/certificate-between-access-point-and-wireless-client/m-p/2236041#M126640 <HTML><HEAD></HEAD><BODY><P><A href="http://www.cisco.com/en/US/products/ps10315/products_configuration_example09186a0080b4cdb9.shtml#compdomain">http://www.cisco.com/en/US/products/ps10315/products_configuration_example09186a0080b4cdb9.shtml#compdomain</A> </P><P></P><P></P><P></P><P></P><P></P><P>I found this link, but in this procedure the computer or the wireless client should be part in the domain.</P><P></P><P>is this the only way to do that, ?</P></BODY></HTML> Wed, 15 May 2013 12:26:10 GMT https://community.cisco.com/t5/wireless/certificate-between-access-point-and-wireless-client/m-p/2236041#M126640 csco11030279 2013-05-15T12:26:10Z https://community.cisco.com/t5/wireless/certificate-between-access-point-and-wireless-client/m-p/2236042#M126641 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>Not read it, but if you are authenticating against AD you do need an object in the domain to authenticate against, be that a computer or a username, the certificate part though has nothing to do with the domain.</P><P></P><P>Thanks</P><P>Chris</P></BODY></HTML> Wed, 15 May 2013 13:29:10 GMT https://community.cisco.com/t5/wireless/certificate-between-access-point-and-wireless-client/m-p/2236042#M126641 Chris Illsley 2013-05-15T13:29:10Z https://community.cisco.com/t5/wireless/certificate-between-access-point-and-wireless-client/m-p/2236043#M126642 <HTML><HEAD></HEAD><BODY><P>Hello,</P><P></P><P>As per your query i can suggest you the following solution-</P><P></P><P style="margin-top: px; margin-bottom: px;">LAP authorization can be performed in two ways:</P><UL><LI>Using the Internal Authorization list on the WLC<BR /></LI><LI>Using the MAC address database on an AAA server<BR /></LI></UL><P style="margin-top: px; margin-bottom: px;">The behaviors of the LAPs differ based on the certificate used:</P><UL><LI>LAPs with SSCs—The WLC will only use the Internal Authorization list and will not forward a request to a RADIUS server for these LAPs.<BR /></LI><LI>LAPs with MICs—WLC can use either the Internal Authorization list configured on the WLC or use a RADIUS server to authorize the LAPs<BR /></LI></UL><P style="margin-top: px; margin-bottom: px;"></P><P style="margin-top: px; margin-bottom: px;">This document discusses LAP authorization using both the Internal Authorization list and the AAA server.</P><P>For more information refer to the link-</P><P></P><P><A href="http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a00808c7234.shtml">http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a00808c7234.shtml</A></P><P></P><P><A href="http://technet.microsoft.com/en-us/library/cc759077(v=ws.10).aspx">http://technet.microsoft.com/en-us/library/cc759077(v=ws.10).aspx</A></P><P></P><P>Hope this will help you.</P></BODY></HTML> Wed, 15 May 2013 21:57:37 GMT https://community.cisco.com/t5/wireless/certificate-between-access-point-and-wireless-client/m-p/2236043#M126642 Abhishek Abhishek 2013-05-15T21:57:37Z