I really suggest you get a globally valid issued certificate. Once you start to integrate mobile phones or Apple/Linux computers it gets difficult. If you only have Windows domain joined devices and are running your own CA server, you can work by issuing a CA signed certificate to the ISE and your Windows clients will trust it.
The PEAP flow is, simplified, client tries to join ssid, radius sends a (P)EAP package to client, encrypted with its certificate, client checks certificate if issuer is trusted, if ok client submits credentials, radius validates them and if ok tells the AP/WLC access ok and the client switches to associated state and starts dhcp process.
Ok you were on the same track as me because unless all my mobile devices within the organization are on an MDM and getting the internal CA cert or even the ISE self signed they will have issues joining.
Correct, they can join, but it can be more difficult. One more important detail, if you don't push a profile to the clients, they will get a certificate pop up which they have to check and approve. This is normal and actually required and the only protection against man in the middle attacks!
Question:I have two Cisco 5520 WLC running HA 184.108.40.206 code. Clients (not all) from different places are having difficulties to surf internet on Guest WiFi. Different devices like surface pro, laptops and even phones (both android and phones) is having t...
I have:Product/Model Number : AIR-SAP1602I-E-K9withCisco IOS Software, C1600 Software (AP1G2-K9W7-M), Version 15.3(3)JC, RELEASE SOFTWARE (fc1)I need to have internet access via eth in a deep place of my basement. So I bought a small thing called wifi ext...
I have a few AIR-CAP3502E-A-K9 access points that I want to change to Lightweight mode. I did a lot of researching and found that I needed the ap3g1-k9w7-tar.153-3.JAB.tar file or a similar version of it.I do have that file and I was able to upload ...
WLAN Poller provides functionality to:
Bulk data/debug collection from Controllers and APs. Execute the commands on regular intervals.
DFS statistics and debug collection
IOS AP Flash health check and memory
AP cert check with generating reports
My report tells you a simple viewpoint to understand the evolution of the wireless LAN from 1997 to the 2020s. You can also get basic knowledge on an uplink of Wi-Fi6, the latest IEEE 802.11ax standard. Data analysis results based on our experimental s...