07-18-2013 07:31 AM - edited 07-18-2013 07:41 AM
Most of our clients use laptops with Windows 7/8 installed on them. We just had the Aruba wireless AP's, Controllers and ClearPass installed last week and this week we're running into a problem where we have to uncheck "Validate Server Certificate" under properties for the connection for our clients to be able to connect. Doens't seem like a huge deal, except that anytime a clients machine restarts the check mark is there again and we have to go back down and uncheck it again. Times this by 50 teachers and come school time it's going to be a nightmare.
So my question is, do we need to install a certificate on our controller and backup controller, or is this a clientside problem? As of right now I know we do not have a server certificate installed on the controller.
Any advice is appreciated, I'm a Jr. Sys Admin and had this dropped in my lap, so feel free to explain it to me like I'm a five year old.
07-18-2013 07:55 AM
If these Windows machines are joined to an Active Directory domain, you can create a GPO that configures the wireless profile.
Computer Configuration > Policies > Windows Settings > Security Settings > Wireless Network (802.11) policies.
Be sure you select the Root CA and enter in the names of the RADIUS servers (name that is presented in the cert).
You'll need to look at your RADIUS server cert to get the name of the Root CA and the Common Name of the cert.
07-22-2013 07:42 PM
Try taking a look at Aruba's QuickConnect. It will automate the 802.1x supplicant config on all machines...not just ones joined to the domain.
Consulting Systems Engineer - ACCX, ACDX, ACMX
If you found my post helpful, please give kudos
07-23-2013 07:13 AM