08-06-2013 12:53 PM - edited 07-04-2021 12:36 AM
A little lost
I have a 5508 WLC and 6 APs.
I have set up a guest WLAN and VLAN; users log in via the WLC and get a web page to authenticate. It works well.
My issue is the internal WLAN: I would like it to log in to MS AD the same as LAN clients. For sure I am missing something.
We have AD 2008 R2 with a NPC installed and DNS. No cert server is installed on the domain controller.
I am in the middle of these steps http://networklessons.com/wireless/peap-and-eap-tls-on-server-2008-and-cisco-wlc/
I was thinking there has to be an easy way to do this without a cert server.
Any ideas?
Thanks. I hate being a noob at this.
09-03-2013 01:59 PM
09-03-2013 02:10 PM
Any time you use a RADIUS server and the clients use 802.1X authentication, certificates are always involved. Is there an easy way... Sure, if you use a pre-shared key, but that will not look up users via AD. You could search around and do LDAP off the WLC, but that's not my preferred way at all. Since you have AD and NPS, have your server team bring up a CA and install certificates. Or you can buy a certificate for around 200 bucks a year and install that on the RADIUS server. You can also use IIS and create a self-signed one if you want.
http://www.sslshopper.com/article-how-to-create-a-self-signed-certificate-in-iis-7.html
Sent from Cisco Technical Support iPhone App