I really suggest you get a globally valid issued certificate. Once you start to integrate mobile phones or Apple/Linux computers it gets difficult. If you only have Windows domain joined devices and are running your own CA server, you can work by issuing a CA signed certificate to the ISE and your Windows clients will trust it.
The PEAP flow is, simplified, client tries to join ssid, radius sends a (P)EAP package to client, encrypted with its certificate, client checks certificate if issuer is trusted, if ok client submits credentials, radius validates them and if ok tells the AP/WLC access ok and the client switches to associated state and starts dhcp process.
Ok you were on the same track as me because unless all my mobile devices within the organization are on an MDM and getting the internal CA cert or even the ISE self signed they will have issues joining.
Correct, they can join, but it can be more difficult. One more important detail, if you don't push a profile to the clients, they will get a certificate pop up which they have to check and approve. This is normal and actually required and the only protection against man in the middle attacks!
After adding a WLC to ISE if you get the following error (See message below) after running debug aaa tacacs enable in the WLC. Incorrectly formatted authorization message Here's what you need to do to fix it. Login to ISE Work centers, Settings, Device ad...
Community Live- Understanding How Multicast Works with Cisco Wireless LAN Controllers
(Live event - formerly known as Webcast- Tuesday November 19, 2019 at 9 am Pacific/ 12 pm Eastern / 6 pm Paris)
This event will have place on Tuesday 19th, Novembe...
Where to download
Attached files on this post
Alternatively, cloud version (only summaries)
New implementation for the WLC Config Analyzer. it is a new re-write of the application, with clean up and improved checks
Support for IOS...
New Version for the Wireless Lan Config Analyzer: v.4.4.14
Supports AireOS up to 8.8, any model.
Error parsing AP list with location with spaces
For tool information: