cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
557
Views
5
Helpful
2
Replies

Replace LWAPP ssc (self-signed-certificate)

dne222
Level 1
Level 1

Hello,

is it possible to replace the standard lwapp ssc against one of our company CA-certificates to allow the wlc to check the correctness of the aps certificate ? (button under security/aaa/ap policies -> Authorize AP agains aaa on the wlc) Is there maybe any guide, which i can't find on cisco.com ? When iam connected to the lwapp via console i can see or modify the sscs.

Thanks for feedback/suggestions

2 Replies 2

Richard Atkin
Level 4
Level 4

The WLC is hard coded with certificates from Cisco, as are Cisco Access Points. The two devices mutually authenticate each other using these (x.509) certificates, and there's nothing you can do about that I'm afraid - any Cisco WLC will always trust any Cisco AP.

BUT

If your approach is from the perspective of preventing unauthorised Cisco APs from connecting to your WLC, then you can use the AAA feature you mention.

Take a look here...

http://www.cisco.com/en/US/products/hw/wireless/ps430/products_configuration_example09186a00808c7234.shtml

Regards,

Richard

Thank you Richard for that link. Thats exactly what iam looking for !

Review Cisco Networking for a $25 gift card