@cjoseph wrote:
Disabling CPSEC for anything besides testing purposes is a mistake. Fortunately it can be undone.
(Replying to old thread but as it was discussed here previously so if anyone finds this with search etc..)
I heard the idea behind disabling CPSEC was that there is going to be extra work or something involved if a controller breaks and needs to be replaced.
Is there any truth to it even if using a single MM manged controller and not a cluster? What happens if you need to replace the controller and have all the APs boot to the same controller IP, but I guess some certificates are different in that case? Does the new controller just issue new certificates?