cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2134
Views
10
Helpful
4
Replies

Cisco WLC EAP-TLS configuration

cisco-eurocem
Level 1
Level 1
 
I need help. I'm trying to configure virtual WLC for EAP-TLS authentication. I configured that, but I don't know where I can set CRL (certificate revocation list) or OCSP (Online Certificate Status Protocol). I must to use this technolodgy for deny access for laid-off employees.
4 Replies 4

Abhishek Abhishek
Cisco Employee
Cisco Employee

Please refer to the link for configuring Cisco WLC EAP-TLS-

http://mrncciew.com/2013/04/22/configuring-eap-tls-on-wlc/

Thanks, but I saw this post. The question about CRL and OCSP is open.

 

gabriel.barrios
Level 1
Level 1

as far as i know, they are embedded into the properties of each certificate. Look for the details of it.

 it will be your RADIUS (NPS, ISE or WLC if doing the end tunnel termination) the one that request the CRL via http or ldap.

 

hope it helps

CRL and OCSP are both part of the certificate itself. Your CA must add the URL for these services when the cert is generated. The WLC does not get configured with the URL for these services. The WLC simply knows the Radius Server IP(s) and has the root cert installed so it can handle the TLS authentication. 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: