Wlc 2100 with local eap auth

Linksys, Netgear, ect. Webbase configurations for Wireless access points.
Guest

Wlc 2100 with local eap auth

Post by Guest » Mon Jul 25, 2005 5:26 pm

HelloI have set up an wlc 2125 with local eap auth which I think is working fine for now.But I dont want it come up a certificate warning when user log in.Can I stop this from happening without bying a certificate?Can I turn of https all together?Trond

Guest

Re:Wlc 2100 with local eap auth

Post by Guest » Mon Jul 25, 2005 7:00 pm

Hi Trond, Could you please confirm whether you are referring to the server certificate pop-up on the client when doing PEAP authentication?If so, under the Authentication tab of the wireless card, in the PEAP settings there is a box called "validate server certificate" that you could uncheck. If you are referring to the certificates pop-up when trying to login to the WLC, this may be due to the fact that the WLC uses a self-signed certificate that is not yet trusted by the user.The fastest way would be to install this certificate on the users machine, so that it can trust it from that moment on. You can enable/disable HTTP and HTTPS access to the WLC under MANAGEMENT > HTTP-HTTPS Regards, Fede --If  this helps you and/or answers your question please mark the question as  "answered" and/or rate it, so other users can easily find it.

Guest

Re:Wlc 2100 with local eap auth

Post by Guest » Mon Jul 25, 2005 7:16 pm

Hello and thanks for reply. Its not the logging in to the manager interface.I dont have set up an radius server yet som Im using the build in database in the wlc. The users are redirectet to a Cisco like page from the wlcs webserver where they must set in username/password. But before they come to the login page they are warned that this is a unsafe page,, certificate etc. In our inviroment its uneseserry with https at all so the best would be to not use it, but if not I will problaby have to buy a certificate. Now every wirless user will get this warning. Trond

Guest

Re:Wlc 2100 with local eap auth

Post by Guest » Mon Jul 25, 2005 8:23 pm

Thank you Trond, So here we are talking about web authentication, which does not use local EAP, so not sure whether the local EAP profile is really being triggered for that. Clients are being prompted with a WLCs self-signed certificate, more or less in the same way as they would be if they tried to login to the WLC via HTTPS.Similarly, the fastest way would be to install this certificate on the users machine, so that it can trust it from that moment on. Or you can generate a certificate signing request for the WLC, submit it to a root CA/buy a root CA signed server certificate (with the root CA trusted by the clients) and then install this certificate on the WLC:http://www.cisco.com/en/US/tech/tk722/t ... 367a.shtml For web authentication, there is no way to switch to HTTP for the WLCs certificate validation. Regards, Fede --If  this helps you and/or answers your question please mark the question as  "answered" and/or rate it, so other users can easily find it.

Guest

Re:Wlc 2100 with local eap auth

Post by Guest » Mon Jul 25, 2005 8:40 pm

Thanks, then Il buy a certificate.

Post Reply