+ Post New Thread
Results 1 to 2 of 2
Wireless Networks Thread, CISCO wireless networks client validation in Technical; Hi, We have been coerced into having the county's supplied cisco wireless network, this in it's self is ok(ish) but ...
  1. #1
    Hedghog's Avatar
    Join Date
    Jul 2006
    Location
    North Wales
    Posts
    194
    Thank Post
    35
    Thanked 17 Times in 16 Posts
    Rep Power
    37

    CISCO wireless networks client validation

    Hi,

    We have been coerced into having the county's supplied cisco wireless network, this in it's self is ok(ish) but because the controller is centrally hosted we are having a few problems getting it going.

    We are using PEAP and EAP-MSCHAP V2 in the security settings. So we can stop all and sundry using the network the clients are set up to use computer only authentication when setting up the wireless session (Win 7 ) or computer when available (win XP), certificate validation is unchecked.
    In addition the controller is access our AD via a trust (this in it's self seems to work according to our network guy in the county)

    Despite this the session fails to set up and pops up a window demanding user authentication. If I look at the logs the failure is around the trusting of certificates - our clients don't trust the CISCO controller certificate.
    I'm not familar with the SSL protocol handshakes but I thought unchecking the certificate validation would stop this.
    Help would be much appreciated.

    Peter

  2. #2
    Hedghog's Avatar
    Join Date
    Jul 2006
    Location
    North Wales
    Posts
    194
    Thank Post
    35
    Thanked 17 Times in 16 Posts
    Rep Power
    37
    Right!!

    Finally got it sorted both in my own mind and on the PC.
    For anyone who is interested 802.1x authentication depends on certificates - if the server uses generally available ones ok but if, as in our case,the certificate is a self certified one you will need to import it into the "trusted root certificates" store on the PC.
    The validate server certificates button only forces the PC to check that the certificate it has recieved matches the one in the store and most importantly is still valid. If you do not have access to the supplier of the certificate do not tick this.
    You can import the certificate in (as far as I know) 3 ways: -

    copying the certificate to the PC and double clicking it
    opening up the MMC, start the certificates snap in and import the certificate
    Via a GPO in the windows wireless security setting in the computer part of the policy
    Last edited by Hedghog; 21st June 2012 at 01:34 PM. Reason: layout

SHARE:
+ Post New Thread

Similar Threads

  1. Setting up home wireless network with MAC and PC..?
    By tosca925 in forum General Chat
    Replies: 6
    Last Post: 21st November 2011, 04:39 PM
  2. Cisco wireless network controllers
    By maniac in forum Wireless Networks
    Replies: 3
    Last Post: 21st January 2011, 12:08 AM
  3. Cisco Wireless Network
    By Willott in forum Wireless Networks
    Replies: 13
    Last Post: 16th November 2009, 02:44 PM
  4. securing wireless network
    By adamyoung in forum Wireless Networks
    Replies: 22
    Last Post: 1st February 2006, 09:26 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •