802.1x add profile ?
802.1x no(+) add profile button ??? help
MacBook Air, Mac OS X (10.7)
You are Awesome DrVenture... that worked perfectly....
Question marked as
Best reply
User profile for user:
Community User
From Apple Help
You can connect to a Wi-Fi or Ethernet network that is protected by the Institute of Electrical and Electronics Engineers (IEEE) 802.1X standard. The 802.1X standard is designed to enhance the security of local area networks.
In most cases your network administrator provides a configuration profile that contains the information and settings you need to authenticate with the network.
When you download the profile from the web or open the attachment using Mail, the computer recognizes the .mobileconfig extension as a configuration profile and begins installing when you click Install.
During installation, you may be asked to enter any necessary information, such as passwords that werenât specified in the profile, and other information as required. Enter any password necessary to use certificates included in the profile.
- Choose Apple menu > System Preferences, and then click Network.
- Select the network service you want to use, such as Ethernet or Wi-Fi, from the list.
- Click Connect. If you have installed multiple profiles, choose the one you want to use from the 802.1X pop-up menu, and then click Connect.
If you are connecting to an Ethernet network that uses 802.1X and want to connect automatically to the network when itâs detected, click Advanced, and then click 802.1X. Select âEnable automatic connection.â
Ask your network administrator or service provider if you need more information.
42 replies
Hi,
I am running OSX Lion 10.7.2, and am having trouble connecting to my Cal-State campus network. I deleted my profile before reading that I shouldn't. I downloaded the ipcu and tried what you stated. However, I get a message:
Could not open profile.
The profile is either missing some required information, or contains information in an invalid format.
Did they change the format of the output in the utility? Is there a similar utility for the Mac that can be used directly? I could use some assistance.
The file looks like the following:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>PayloadContent</key>
<array>
<dict>
<key>EAPClientConfiguration</key>
<dict>
<key>AcceptEAPTypes</key>
<array>
<integer>21</integer>
</array>
<key>EAPFASTProvisionPAC</key>
<false/>
<key>EAPFASTProvisionPACAnonymously</key>
<false/>
<key>EAPFASTUsePAC</key>
<false/>
<key>TLSAllowTrustExceptions</key>
<true/>
<key>TTLSInnerAuthentication</key>
<string>PAP</string>
</dict>
<key>EncryptionType</key>
<string>WPA</string>
<key>HIDDEN_NETWORK</key>
<false/>
<key>PayloadDescription</key>
<string>Configures wireless connectivity settings.</string>
<key>PayloadDisplayName</key>
<string>Wi-Fi (csun_wpa2)</string>
<key>PayloadIdentifier</key>
<string>wifi</string>
<key>PayloadOrganization</key>
<string></string>
<key>PayloadType</key>
<string>com.apple.wifi.managed</string>
<key>PayloadUUID</key>
<string>F7257DF7-3A6F-4C07-8FAA-8F71D9D81428</string>
<key>PayloadVersion</key>
<integer>1</integer>
<key>SSID_STR</key>
<string>csun_wpa2</string>
</dict>
</array>
<key>PayloadDescription</key>
<string>Profile description.</string>
<key>PayloadDisplayName</key>
<string>KS CSUN wpa2 network</string>
<key>PayloadOrganization</key>
<string></string>
<key>PayloadRemovalDisallowed</key>
<false/>
<key>PayloadType</key>
<string>Configuration</string>
<key>PayloadUUID</key>
<string>51A9EE6D-66E7-46FD-852F-D01AFC2DB60B</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
</plist>
I have no idea what they have at this campus, and it seems that no one who works in the IT department does either. Please help. Thanks.
Best Regards,
Kevin Shapiro
I got same issue, has anyone been able to solve it for 10.7.2?
Is CAL State running TTLS with PAP?
I'm having the same issue. Since recently management has decided to support Apple pc's. Now I need to connect them to a Windows network which is secured by 802.1x machine authentication. How can I configure the macs for this?
Hey Dr Venture, thanks for the info on the Iphone config utility.
but how ever i am trying to get the machine authentication going rather than than the user authentication.
i have added the Mac to the domain and the security group which is allowed to join the SSID, and the windows side can connect to the SSID without asking the password, i am trying to get the same working on the Mac side, just machine authentication.
is it possible?
thanks
Antony
THANK YOU SO MUCH!! I have been trying to figure this out for a very long time, and it was infuriating to have to type my password in every time I wanted to use the net. I will have to show my friends this!
So machine authentication will need to be set up with a Lion Server and Profile Manager. Currently there is no support for this in the iPCU.
If I am remembering correctly, you will first create a profile that will bind the Machine to AD using the Directory payload. Once the Machine is bound, you can create a system profile that can authenticate based on Directory and that should get you on.
You can also use SCEP, but that is a whole other banana.
Great instructions, but just another reason to use Windows 7 over OS X.
Hi Dr. Venture,
Thanks for helping us out with University wifi login problem.
I recentely bought Macbook Pro 10.7.3 Lion. I am having same problem. After selecting University wifi, safari does not bring the login page and mail, itunes freeze.
Can you please tell how to check University wife whether its running TTLS with PAP or not?
Thanks.
Hi Dr. Venture,
Please ignore my previous reply.
I followed exactly what you mentioned and it worked like charm.
I am so grateful for your help.
Thak you so much.
I am now going to help rest of my friends dealing with the same issue on the campus, and may be thinking to give lecture to IT guys who handle campus wifi đ.
Thanks again.
Hi,
I thought that campus wifi problem was solved, but it did not. I am experiencing same wifi problem when I try to connect to University of North Texas, Eaglenet wifi, even after adding 802.1X profile. I am really getting tired of this issue. IT helpdesk at the University have to clue how to solve this issue.
Please help me if you have any more suggestions.
Thank you.
So a quick Google search reveals this about your campus network:
Quick Start Guide
For those users that have used wireless before at another location and currently have their equipment configured for wireless operation , simply set the SSID to eaglenet and turn off WEP encryption. This should permit you to connect to Eaglenet from your device. Some operating systems will automatically detect the Eaglenet wireless network and offer to connect to it. With others, you may need to scan to find the available networks then select the one you want to connect to. Once you've connected to the wireless network, when you open a web browser to go to a web site, you will be asked to login with your EUID and password. When you complete the login, you may surf the web. If you have difficulty in connecting to Eaglenet, refer to the other selections listed below.
So, I take it UNT wants you to connect to their network, then open a browser to input login information? If that is true an 802.1X profile should not be needed. They are most likely running an open-no encryption network, with MAC athentication on the back end, where the ACL for the MAC Address gets created when you successfully log in.
When you try to login with Safari what happens? Did you try Firefox or Chrome if Safari does not work? Lion has a new pop up window that works with Safari that should give a pop up when the Aruba controller requests for Web Authentication. If you are just getting a blank window for the pop up, look at the upper right hand corner. Do you see a little lock? Click on the lock and look at the Certificate info. You might have to load that Cert in your Keychain and trust it before you can login.
Show you IT this post and see what they say.
Hope this helps.
Hi
Thanks for your reply DrVenture.
I read all the information available on UNT website about wireless help and I followed them. I am connected to Eaglenet whenever I open my macbook. On my firefox, Log in page of UNT Eaglenet shows up everytime and I can log in and access internet without any trouble.
Here is the pattern emereged from my experienced.
1. When I am on my home wifi connection, safari, mail, itunes access intenet without any trouble.
2. In the morning when I come to University, Macbook picks up Eaglenet wifi auotmatically and connects. When I first open safari, it shows the URL address of UNT eaglenet log in page but freezes at that point, never opens the log in page. Also there is no any pop up window that opens up, so there is no Lock I can find to click for Certificates.
3. At this time if I open mail or itune, both will open and freez until I force quit them all.
4. When I open firefox, it will take me to UNT Eaglenet log in website where, once I put the uername and password, I can access internet. Now if I open safari, mail or itune, they can access internet withut getting stuck.
I talked to IT help desk about this situation. They asked me to go to keychain Preferences and turn off the certificates. I did that, but no change.
They said that they are working on this issue and will call me once they find solution.
Here are the images, when I first open safari in the morning
I want to thank you for helping me out and I appreciate your help and time.
Hi
I just found out that this connection problem is in the campus news.
802.1x add profile ?