Automate a certificate install for Wireless network.

[glamprecht1]

Hello All

We have recently upgraded our wirless network to all Cisco WAPS and now have a Cisco central wireless controller.

The old setup with the Wep key was real simple but as times change so must we all. This new setup now uses AES/PEAP and requires an certificate install. For some reason, this certificate must be install in the local profile.

With 2 to 3 thousand profiles and about 100 wireless devices this is getting old real quick.

Does anyone have a simple how to on how to automate a certificate install for a wireless network?

 

[ADB100]

PEAP does not require certificates on each client.....

With PEAP you can just install a certificate on the RADIUS Server and enable the trusting of this on each PEAP client and use MS-CHAPv2 for their authentication. If the CA is an Enterprise CA (i.e. in the Domain) then there is nothing extra you need to do.

If its EAP-TLS you are talking about then that's different... EAP-TLS requires each client to have a certificate (User or Machine or both depending on the implementation) and you would need to either enroll each client for a certificate manually or automate it via Group Policy (obviously MS Active Directory). With a 2000 AD Machines can ber automatically enrolled but you need a Native 2003 AD and XP+ clients to automatically enroll users for certificates.
Best page to start at is:

http://technet.microsoft.com/en-us/network/bb530679.aspx

What is it that isn't working?


Andy

 

[ADB100]

Might be worth reading here as well:

http://technet.microsoft.com/en-us/library/bb456981.aspx

Andy