12-20-2012 03:33 AM - edited 07-03-2021 11:15 PM
Hi,
We have the following issues on a wireless network running PEAP, authenticating on Active Directory through ISE 1.1.2:
Windows 7 laptops: (using native MS wifi drivers) Inconsistent connection attempts. Issue appears to be with certificate on ISE. If local validation is selected on the laptops, connection is mostly ok (security risk however), but if no validation selected, connection fails (Error is cert ' is not configured as a valid trust anchor') - could the 'Certificate Configuration' in this page be the right course of action:
http://www.cisco.com/en/US/products/ps10315/products_tech_note09186a0080bba10d.shtml#topic28
Nokia: The WLC does not appear to receive a valid username (&pass through to ISE) from the handsets and no amount of configuration changes on handset seems to resolve this
Apple devices: Connect OK, but when Domain password changed on a laptop on Domain Controllers/AD, the iPhone/Pad wireless authentication continues using old credentials, until a reboot or extended period of time (Email however seems to prompt for new password on Apple devices immediately upon change on DC/AD).
Windows XP (using Intel v12 drivers), Blackberry's and Android devices work well without issues.
Any suggestions appreciated.
12-20-2012 06:33 AM
On your first question. Are you vaildating the certifciate on the client ? If you are, the cert needs to be in the root store of the client to vaildate.
__________________________________________________________________________________________
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
__________________________________________________________________________________________
"I'm in a serious relationship with my Wi-Fi. You could say we have a connection."
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide