Re: [WIRELESS-LAN] Apple TV/Apple Configurator

[Trenton Hurt]

The time issue was fixed couple software versions ago

https://community.arubanetworks.com/t5/Technology-Blog/Apple-TV-EAP-PEAP-Configuration-Clock-Fix/ba-p/143391

I still would always push to have these wired for performance and
stability.

I've followed these instructions to build profiles.  Of course you have to
use your certs.  You can get the required certs off a Mac that has
successfully connected to the dot1X network. Just find them in keychain
access and export them.

http://technology.pitt.edu/support/connecting-your-apple-tv-to-wireless-pittnet




On Fri, May 19, 2017 at 2:59 PM Kanan E Simpson 
wrote:

> Bruce,
>
>
>
> I’ve successfully built a wireless profile for Apple TVs using 802.1X
> (WPA2/AES)  and PEAP/MSChapv2 in my lab. It worked fine until I removed the
> power of the Apple TV. Once power is removed, the Apple TV loses its time
> and can no longer validate certificates. You must then connect the Apple TV
> to an open or PSK network to get the time corrected before another
> successful 802.1X connection.
>
>
>
> Because of this, we will not connect the Apple TV to our dot1X wireless
> network. We connect them via  guest/open WLAN and move them to another L3
> network on the back end.
>
>
>
>
>
> *Kanan Simpson*
>
> Network Services Engineer
>
> Valdosta State University
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Entwistle, Bruce
> *Sent:* Friday, May 19, 2017 1:32 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* [WIRELESS-LAN] Apple TV/Apple Configurator
>
>
>
> I am currently attempting to use the Apple configurator to build a
> wireless profile to be loaded to an Apple TV which will then make an
> authenticated connection to our wireless network.  We are currently using
> our ClearPass server to authenticate this connection.   I have utilized
> many different combinations of WPA/WPA2 authentication options along with
> different combinations of trusted certificates.  These included the
> certificate from the authentication server(ClearPass) along with the
> associated root and intermediate certs.  However the connection still fails
> with the following error message,  Radius EAP: Client doesn’t support
> configured EAP methods.  I was looking to see if anyone has been successful
> using the Apple configurator to build such a profile which contains the
> SSID, username, password, security type and certificates then pushing it to
> the Apple TV so it can connect to the wireless network.
>
>
>
> Thank you
>
> Bruce Entwistle
>
> Network Manager
>
> University of Redlands
>
>
>
>
>
>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/discuss.
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/discuss.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/discuss.

RE: Apple TV/Apple Configurator

[Kanan E Simpson]

Bruce,

I've successfully built a wireless profile for Apple TVs using 802.1X 
(WPA2/AES)  and PEAP/MSChapv2 in my lab. It worked fine until I removed the 
power of the Apple TV. Once power is removed, the Apple TV loses its time and 
can no longer validate certificates. You must then connect the Apple TV to an 
open or PSK network to get the time corrected before another successful 802.1X 
connection.

Because of this, we will not connect the Apple TV to our dot1X wireless 
network. We connect them via  guest/open WLAN and move them to another L3 
network on the back end.


Kanan Simpson
Network Services Engineer
Valdosta State University

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Entwistle, Bruce
Sent: Friday, May 19, 2017 1:32 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Apple TV/Apple Configurator

I am currently attempting to use the Apple configurator to build a wireless 
profile to be loaded to an Apple TV which will then make an authenticated 
connection to our wireless network.  We are currently using our ClearPass 
server to authenticate this connection.   I have utilized many different 
combinations of WPA/WPA2 authentication options along with different 
combinations of trusted certificates.  These included the certificate from the 
authentication server(ClearPass) along with the associated root and 
intermediate certs.  However the connection still fails with the following 
error message,  Radius EAP: Client doesn't support configured EAP methods.  I 
was looking to see if anyone has been successful using the Apple configurator 
to build such a profile which contains the SSID, username, password, security 
type and certificates then pushing it to the Apple TV so it can connect to the 
wireless network.

Thank you
Bruce Entwistle
Network Manager
University of Redlands



** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/discuss.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/discuss.

Apple TV/Apple Configurator

[Entwistle, Bruce]

I am currently attempting to use the Apple configurator to build a wireless 
profile to be loaded to an Apple TV which will then make an authenticated 
connection to our wireless network.  We are currently using our ClearPass 
server to authenticate this connection.   I have utilized many different 
combinations of WPA/WPA2 authentication options along with different 
combinations of trusted certificates.  These included the certificate from the 
authentication server(ClearPass) along with the associated root and 
intermediate certs.  However the connection still fails with the following 
error message,  Radius EAP: Client doesn't support configured EAP methods.  I 
was looking to see if anyone has been successful using the Apple configurator 
to build such a profile which contains the SSID, username, password, security 
type and certificates then pushing it to the Apple TV so it can connect to the 
wireless network.

Thank you
Bruce Entwistle
Network Manager
University of Redlands



**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/discuss.

Re: [WIRELESS-LAN] Use of Airtame on school environment

[Luiz Zicarelli]

Hello Bruce,

We use Apple TVs now and we are planning a trial with Airtame.

Thanks.



On Fri, May 19, 2017 at 9:18 AM, Osborne, Bruce W (Network Operations) <
bosbo...@liberty.edu> wrote:

> I am confused. Did you use Airtame or Apple TV?
>
>
>
>
>
> *Bruce Osborne*
>
> *Senior Network Engineer*
>
> *Network Operations - Wireless*
>
>  *(434) 592-4229 <(434)%20592-4229>*
>
> *LIBERTY UNIVERSITY*
>
> *Training Champions for Christ since 1971*
>
>
>
> *From:* Ian Lyons [mailto:ily...@rollins.edu]
> *Sent:* Thursday, May 18, 2017 3:00 PM
> *Subject:* Re: Use of Airtame on school environment
>
>
>
> I rolled this out at my old school. Over 150.  It worked well.
>
>
>
> The advancements that Apple made have made a difference.  Aruba/Clearpass
> etc, MDNS  -rock solid.
>
>
>
> The only caveat is that, like most Apple Products, are intended for
> consumers.  There isnt a great product (I know one exists) that really
> manages a deployment of Apple Tv’s that well.
>
>
>
> Updating them was a challenge.  Aside from that, a flatscreen and ~$150
> you are in business!
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [
> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> ] *On Behalf Of *Jeremy Mooney
> *Sent:* Thursday, May 18, 2017 2:53 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] Use of Airtame on school environment
>
>
>
> I attended a peer presentation a few weeks ago where a school had switched
> to that and found it significantly better than everything else they had
> tested. They had the devices wired where possible, and placed in specific
> subnets reachable from the clients but also with a predictable IP pattern
> which displayed on screen. They then documented "look for the address
> starting with 10.x. on the screen" for people wanting to connect. The
> clients could remember the device name once connected to allow easy
> reconnect. The presenter actually demoed it live on the conference guest
> wifi (did his presentation via it) and then allowed people in the room to
> try it out. It's definitely on my shortlist for trying in our environment.
>
>
>
>
>
> On Thu, May 18, 2017 at 10:51 AM, Luiz Zicarelli 
> wrote:
>
> Dear all,
>
>
>
> we are exploring replacing our 130+ apple tvs with Airtame (
> www.airtame.com). Has anyone tested this so far? Seems to be very
> straight forward bu we are concerned about its performance within a
> segmented network environment. We are an Aruba shop, with Airgroup.
>
>
>
> Appreciate any comments.
>
>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at http://www.educause.edu/
> discuss.
>
>
>
>
>
> --
>
> Jeremy Mooney
>
> ITS - Bethel University
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at http://www.educause.edu/
> discuss.
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at http://www.educause.edu/
> discuss.
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at http://www.educause.edu/
> discuss.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/discuss.

RE: Use of Airtame on school environment

[Osborne, Bruce W (Network Operations)]

I am confused. Did you use Airtame or Apple TV?


Bruce Osborne
Senior Network Engineer
Network Operations - Wireless
 (434) 592-4229
LIBERTY UNIVERSITY
Training Champions for Christ since 1971

From: Ian Lyons [mailto:ily...@rollins.edu]
Sent: Thursday, May 18, 2017 3:00 PM
Subject: Re: Use of Airtame on school environment

I rolled this out at my old school. Over 150.  It worked well.

The advancements that Apple made have made a difference.  Aruba/Clearpass etc, 
MDNS  -rock solid.

The only caveat is that, like most Apple Products, are intended for consumers.  
There isnt a great product (I know one exists) that really manages a deployment 
of Apple Tv’s that well.

Updating them was a challenge.  Aside from that, a flatscreen and ~$150 you are 
in business!

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jeremy Mooney
Sent: Thursday, May 18, 2017 2:53 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Use of Airtame on school environment

I attended a peer presentation a few weeks ago where a school had switched to 
that and found it significantly better than everything else they had tested. 
They had the devices wired where possible, and placed in specific subnets 
reachable from the clients but also with a predictable IP pattern which 
displayed on screen. They then documented "look for the address starting with 
10.x. on the screen" for people wanting to connect. The clients could remember 
the device name once connected to allow easy reconnect. The presenter actually 
demoed it live on the conference guest wifi (did his presentation via it) and 
then allowed people in the room to try it out. It's definitely on my shortlist 
for trying in our environment.


On Thu, May 18, 2017 at 10:51 AM, Luiz Zicarelli 
mailto:luiz.zicare...@graded.br>> wrote:
Dear all,

we are exploring replacing our 130+ apple tvs with Airtame 
(www.airtame.com). Has anyone tested this so far? Seems 
to be very straight forward bu we are concerned about its performance within a 
segmented network environment. We are an Aruba shop, with Airgroup.

Appreciate any comments.

** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/discuss.



--
Jeremy Mooney
ITS - Bethel University
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/discuss.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/discuss.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/discuss.