802.1x auth

Discussion in 'Mac OS X Server, Xserve, and Networking' started by adam9c1, Jul 11, 2016.

  1. adam9c1 macrumors 65816

    adam9c1

    Joined:
    May 2, 2012
    Location:
    Chicagoland
    #1
    Trying to figure out how to connect 10.11.5 to 802.11 wifi.
    This needs to be computer based auth.

    I can create and push a profile via OS X Server.

    My network admin tells me he did not push a certificate to Windows clients.

    Any ideas?
     
  2. Altemose macrumors G3

    Altemose

    Joined:
    Mar 26, 2013
    Location:
    Elkton, Maryland
    #2
    @adam9c1 Are they using RADIUS authentication or strictly profile based?
     
  3. adam9c1 thread starter macrumors 65816

    adam9c1

    Joined:
    May 2, 2012
    Location:
    Chicagoland
    #3
    Radius.

    I have very little knowledge of the setup and my network admin is very much against APPL so my stacks are against me.
     
  4. Altemose macrumors G3

    Altemose

    Joined:
    Mar 26, 2013
    Location:
    Elkton, Maryland
    #4
    You would need your credentials then to sign on rather than a regular profile.
     
  5. adam9c1 thread starter macrumors 65816

    adam9c1

    Joined:
    May 2, 2012
    Location:
    Chicagoland
    #5
    The other network guy who I can work with told me he got it to work briefly on one device running 10.7.
    He said somewhere in the keychain he pulled the computer name and password.

    He says the authentication is device based, not user based.


    Via Profile Manager all I can do is get the popup at login prompt to select the proper WiFi. Once I sign in (with cached credentials) under System Preferences it tries to connect to WiFi and fails quickly.
     
  6. jdmage_mx5 macrumors newbie

    Joined:
    Jun 8, 2016
    #6
    We use machine/certificate based authentication for our wireless. The cert and wireless settings are pushed via Profile Manager. The computer connects to the wireless and contacts the radius server. The radius server confirms the computer is in our Active Directory tree, if not it is then booted. Depending on how it is all set you may or may not need a cert.

    If they are wanting machine auth then you should not be having to sign in to the wireless. Have you checked your console logs to see what is happening when it tries to connect?

    Also have the network guys check to see if the radius server is even getting a knock knock from your machine. This may narrow down the problem to either the radius server or your machine.
     
  7. adam9c1 thread starter macrumors 65816

    adam9c1

    Joined:
    May 2, 2012
    Location:
    Chicagoland
    #7
    Thanks jdmage_mx5,

    I have something to look into. The network guy claims they are not pushing a cert (to Win) clients.
     
  8. jdmage_mx5 macrumors newbie

    Joined:
    Jun 8, 2016
    #8
    Thats totally possible that there may not be a cert used. As stated before I would look at your console logs for anything related to this and have them look at the radius server to see if the machine is even reaching out to it.

    Good luck on this adventure.
     

Share This Page