Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2556
Views
0
Helpful
19
Replies

Issue with AP Auth List

Go to solution
nix-patheon
Level 1
Level 1

‎03-07-2014 04:00 AM - edited ‎07-05-2021 12:21 AM

Hi guys,

I'm havin problems joining an AP (3602I) to my controller (5508) when authorising MIC's against against my auth-list on the controller.

I have added the AP MAC address to the auth-list but the AP won't successfully join. The controller occasionally says "joined" and I can view it in the AP list, but the AP status is always UNKNOWN, whereby I will reset the AP and try again.

Any ideas?

Thanks.

Labels:
0 Helpful
19 Replies 19

Go to solution
Sandeep Choudhary
VIP Alumni
VIP Alumni
In response to nix-patheon

‎03-07-2014 05:58 AM

The X.509 certificates are burned into protected flash on both the       access point (AP) and WLC at the factory by Cisco. On the AP, factory installed       certificates are called manufacturing installed certificates (MIC).

You must select MIC box to connect AP to WLC.

For Auth for APs

you can add the mac address of APs and check the box  Autheriz  MIC APs againest auth-list or AAA.

Regards

0 Helpful

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎03-07-2014 05:56 AM

That's not increasing security. If someone out a new Cisco ap that is lightweight on your network.... It's your now, because you manage it.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
0 Helpful

Go to solution
nix-patheon
Level 1
Level 1
In response to Scott Fella

‎03-07-2014 06:04 AM

I thnk I see where I have went wrong. I need to check both boxes? One to allow the MIC, and the other to authorise against the MAC list?

0 Helpful

Go to solution
nix-patheon
Level 1
Level 1
In response to nix-patheon

‎03-07-2014 06:08 AM

Is the correct answer!

Correct answer is to Sandeep (the penny dropped after reading his post a couple of times), but thank you for your time Scott, it is very much appreciated.

0 Helpful

Go to solution
George Stefanick
VIP Alumni
VIP Alumni
In response to nix-patheon

‎03-07-2014 07:31 AM

Correct. Also note you can add your APs to the Ap policy list OR the mac address filter. Both will work,

__________________________________________________________________________________________
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
__________________________________________________________________________________________
‎"I'm in a serious relationship with my Wi-Fi. You could say we have a connection."
__________________________________________________
"Im like bacon, I make your wireless better"

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card