Solved

Is current WLC 5500 Device Certificate required for EAP-TLS to work?

Posted on 2016-10-27
2
102 Views
Last Modified: 2016-10-27
In the document below I see that WLC device certificate be installed on the Cisco WLC as part of the overall getting EAP working process. If the device certificate expires - what would be the impact of any configured EAP-TLS? PEAP? It seems like I've read elsewhere that the certificates that mattered for EAP-TLS were on the wireless client and at the RADIUS server.

You can view the device certificate via WLC GUI at Security/IPSec Certs/ID Certs.

http://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/100590-ldap-eapfast-config.html
0
Comment
Question by:amigan_99
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 46

Accepted Solution

by:
Craig Beck earned 500 total points
ID: 41863320
You only need a certificate on the WLC if you're doing local EAP or web-auth.

To process EAP-style authentication with RADIUS it's not necessary to have a certificate on the WLC; only on the RADIUS server. Depending on the type of EAP authentication used you may also need a certificate on the client too.
1
 
LVL 1

Author Closing Comment

by:amigan_99
ID: 41863355
That explains exactly what I saw among a group of WLC's - some with expired certs and some not. And it turns out the ones with good certs were doing EAP-TLS but with local EAP. Thank you very much for clarifying this!
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let’s face it: one of the reasons your organization chose a SaaS solution (whether Microsoft Dynamics 365, Netsuite or SAP) is that it is subscription-based. The upkeep is done. Or so you think.
Part One of the two-part Q&A series with MalwareTech.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question