Hello, does anyone have experience getting IGEL devices to connect Cisco WLC wi-fi using certificates for authentication?
I’ve followed the posts on igelexperts.com igelexperts.com for setup, and have SCEP working with a certificate issued to the device. It appears the IGEL device isn’t presenting the right identity information for the Cisco wireless LAN controller to forward to our NPS server, on the IGEL a wireless connection attempt is made and it shows the message: _connecting… authentication_ for a little while until it times out. If I look on the Cisco controller it hasn’t forwarded the request to RADIUS and on the NPS server there is no log entry for the attempt.
From the daemon log I see these entries:
We have this setup and working. Give me a few to think through this a bit.
This is what our wireless profile looks like. Sorry for all the blurred parts, but was covering up the watermarks our Citrix sessions place on there when working remote. (see image in the IGEL Community of Slack)
Does it work if you convert the cert to a pfx and then import it into the firefox cert store?
openssl pkcs12 -export -inkey /wfs/scep_certificates/cert0/client.key -in /wfs/scep_certificates/cert0/client.cert -out /userhome/Downloads/cert.pfx -passout pass:password
thanks for the info – I compared my settings to those in the screenshot and I the EAP type set to TLS. Now I’ve changed it to PEAP with the Auth Method as TLS I don’t get the time out for authentication. It’s still not connecting and I’m now getting the syslog message:
wlan0 2199 settings not acceptable for wlan0 – reason: 802-1x.identity: property is missing
I guess the certificate doesn’t have the right information now
Continue reading and comment on the thread ‘How to connect Cisco WLC WiFi using certificates for authentication on IGEL OS’. Not a member? Join Here!
Learn more, search the IGEL Knowledge Base
Ask a question or comment on the above message thread?
Join or log in to the IGEL Community to ask us anything and meet other IGEL customers, partners, and EUC enthusiasts.Submit a question, or Join Today!