09-21-2011 04:38 PM - edited 07-03-2021 08:48 PM
Simple question, but not obvious.
I want to change the server cert from the built in CIsco one for local auth PEAP on a 2106 WLC to use my own server cert.
How do I install this and what is it called on the interface? There are several types of certs mentioned.
Simon
09-27-2011 12:14 PM
Hi Simon,
It looks like you're trying to do PEAP authentication on a specific SSID, is that correct?
Once you have the certificate generated, you'll upload it at the following location:
Topline Menu -> Commands
Then you'll choose "download file" and choose the certificate type to install it.
PEAP usually calls for a server side certificate (on your authentication server) to be installed on that server. Then you have to configure the controller for 802.1x authentication on the SSID itself. Pointing to one of the authentication servers listed on the "WLAN" Menu under security "AAA Servers". The servers themselves are entered in the "Security" Menu under either RADIUS or TACACS+ tab.
I can point you in the proper direction if you need more assistance, as I've done this many times. I just need more clarification on what you're trying to accomplish.
Regards,
Jerry
09-27-2011 12:25 PM
Let me be clearer - I'm user local auth on the controller. Rather than use the built in certificate for the local RADIUS on the WLC, I'd like to install my own. How do I do that?
thanks,
Simon
09-27-2011 12:44 PM
What version of code are you using?
09-27-2011 12:46 PM
7.0.116
09-27-2011 01:38 PM
Take a look at the configuration guide for version 7.0.116.0. It doesnt matter what model controller you're using for this exercise as they will be the same.
For installing certificates, start with page 10-19
For configuring the Local EAP start with page 6-42.
09-27-2011 01:45 PM
Thx - page number don't seem to correlate - I already have local eap working just fine. All I want to know is how to install my own cert. Do I just install a 'vendor cert'? Is that the right cert to install?
Simon
09-27-2011 01:52 PM
That's correct. Vendor cert is the right one.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide