We use the same certificate on two ACS servers for PEAP authentication to avoid the certificate warning when user connects to the 2nd ACS server. We haven't seen any issues with that.
--- Dennis Xu Network Analyst, Computing and Communication Services University of Guelph 5198244120 x 56217 ----- Original Message ----- From: "Bob Richman" <robert.b.richma...@nd.edu> To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Sent: Monday, September 19, 2011 1:11:02 PM Subject: [WIRELESS-LAN] Issue with Microsoft NPS certs and ipads/iphones We have a new issue that popped up when we upgraded our radius backend for our dot1x/peap from 2 microsoft widows 2003 IAS servers with Equifax certs to 3 microsoft windows 2008 NPS servers with geotrust certs. What we have is issues with ipad/iphones that seem to only sometimes remember the cert they most recently accepted. So for example, an IPAD connecting to the wireless using NPS server 1 will prompt the user to accept and they get on. Subsequent attempts to an AP that uses that same server will work fine. But an attempt to another set of APs using server 2 will cause the user to have to accept the cert corresponding to the new server. We do use the Cloudpath installers, but they seem to be of no help here. So, we did change 2 things at once, new certs and going from IAS to NPS. Anyone having any issues like this? Thanks, Bob Richman University of Notre Dame. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
