Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
490
Views
0
Helpful
0
Replies

Cisco NAC CAM & CAS SSL Certificates Expired

scott.macdonald
Level 1
Level 1

‎10-19-2019 02:22 PM

Hi, I'm running outdated and unsupported v.4.9.3 with an HA pair of CAMs and HA pair of CASs. Using basic captive portal for both guest unsecured and employee secured wireless authentication, along with MAC AUTH. I have been using two SSL certificates over the years, one for the NAC MGR communication and another for the captive portal(eg.captiveportal.mydomain.com). The SSL certificates expired and everything just stopped working. The CAM stopped talking with the CAS and the captive portal stopped working. 

 

I bought or renewed the certificates, installed the NAC MGR certificate on the CAM and now CAS and CAM are seeing each other. But my redundant CAM is still showing red or disconnected and under the failover section it says the peer CAM is DEAD. Also, even though the CAM and CAS see each other, none of the MAC AUTH clients are able to authenticate. 


Is there is a special procedure for installing SSL certificates if they expired? For example, do both certificates have to be installed on all 4 appliances? 


Thanks for any help you can provide.


Scott

0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents