cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
145
Views
0
Helpful
3
Replies
Highlighted
Beginner

802.1x with open SSL certiifcate on 2504 Wireless Controller

Hi All.

can we authenticate 802.1x and Certificate based authentication.

we have cisco 2504 wlc ,ACS 5.4 and Open SSL certificate.

requirement is - if connect one of the ssid then it should asked for a certificate as wellas 802.1x authentication should be there

Everyone's tags (1)
3 REPLIES 3

Yes of course. Its called EAP

Yes of course. Its called EAP-TLS and would require a PKI whereby you can push certs to a device. 

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_white_paper09186a008009256b.shtml

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
Beginner

Hi George ,

Hi George ,

Thanks for the reply...

can please tell me what all settings to  be done on user laptop to connect certificate based authentication.

and the link you had shared  , in  that i am unable to see the images (topology etc)

Can you help me with the pdf file for the same

Thanks in Advance

Hall of Fame Master

Sudhir,

Sudhir,

When you setup 802.1x, you should have to have a client accept or do anything. You want it transparent.  In order to do EAP-TLS properly, you should have a certificate authority (PKI) designed properly.  Since you need a certificate on the radius server and every device, a 3rd party cert doesn't work well in this scenario.  If you have a single 3rd party cert and that's on the radius server, then you either can do machine authentication if all computers are domain or PEAP in which uses the AD credentials. You need all pieces in play to properly implement a security policy.

-Scott 

*** Please rate helpful posts ***

-Scott
*** Please rate helpful posts ***
CreatePlease to create content
Content for Community-Ad
August's Community Spotlight Awards