Re: [WIRELESS-LAN] Eap-tls user experience

Wireless Issues Community Group Listserv on behalf of Heavrin, Lynn Sent: Sunday, June 20, 2021 10:24:29 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Eap-tls user experience In my experience it tried to connect then the user is greeted with a retry or close option

Re: [WIRELESS-LAN] Eap-tls user experience

, Ryan H Sent: Sunday, June 20, 2021 11:46:46 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Eap-tls user experience For us, we always get a message when trying to connect that the ‘SSID is not in range’ if the person is onboarding off campus. But the clients don’t need

Re: [WIRELESS-LAN] Eap-tls user experience

For us, we always get a message when trying to connect that the ‘SSID is not in range’ if the person is onboarding off campus. But the clients don’t need to attempt multiple times. the devil is in the details. What operating system are you seeing this with? We are currently in Big Sur hell,

Re: [WIRELESS-LAN] Eap-tls user experience

UCAUSE Wireless Issues Community Group Listserv on behalf of Marsen Nuzi Reply-To: The EDUCAUSE Wireless Issues Community Group Listserv Date: Friday, June 18, 2021 at 4:51 PM To: "WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU" Subject: [WIRELESS-LAN] Eap-tls user experience Hello All,

Re: [WIRELESS-LAN] EAP-TLS using ADCS and/or SecureW2

day, February 7, 2020 at 1:42 PM > To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU > Subject: Re: [WIRELESS-LAN] EAP-TLS using ADCS and/or SecureW2 > > > Would you recommend we use an incommon public signed cert even if we’re > > able to have every BYOD client install our self-signed

Re: [WIRELESS-LAN] EAP-TLS using ADCS and/or SecureW2

@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] EAP-TLS using ADCS and/or SecureW2 > Would you recommend we use an incommon public signed cert even if we’re able > to have every BYOD client install our self-signed cert? No. The InCommon CA must adhere to the CA/Browser forum's rules fo

Re: [WIRELESS-LAN] EAP-TLS using ADCS and/or SecureW2

@LISTSERV.EDUCAUSE.EDU" > on behalf of "Heavrin, Lynn" > > Reply-To: "WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU" > > Date: Thursday, February 6, 2020 at 3:23 PM > To: "WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU" > Subject: [WIRELESS-LAN] EAP-TLS using ADC

Re: [WIRELESS-LAN] EAP-TLS using ADCS and/or SecureW2

ly-To: "WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU" Date: Thursday, February 6, 2020 at 3:23 PM To: "WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU" Subject: [WIRELESS-LAN] EAP-TLS using ADCS and/or SecureW2 We’re planning to migrate our PEAP MSCHAPv2 wifi to EAP-TLS. At the recommendation of a co

[WIRELESS-LAN] EAP-TLS using ADCS and/or SecureW2

We’re planning to migrate our PEAP MSCHAPv2 wifi to EAP-TLS. At the recommendation of a couple big universities we talked with, we are looking at using SecureW2. We have demoed it and it works great provisioning the clients and enrolling user certificates to their cloud PKI. After bringing

RE: [WIRELESS-LAN] EAP-TLS

@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jonathan Waldrep Sent: Wednesday, August 16, 2017 5:15 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] EAP-TLS > This weekend we will onboard probably 50,000 devices for TLS, and for the > most part, it is no longer a huge support issue. The biggest

Re: [WIRELESS-LAN] EAP-TLS

> This weekend we will onboard probably 50,000 devices for TLS, and for the most part, it is no longer a huge support issue. The biggest issues are around Android. Just about every other operating system works very easily (OSX can be a pain, but that revolves around entering a local admin

Re: [WIRELESS-LAN] EAP-TLS

u" < > WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> > *Date: *Tuesday, August 15, 2017 at 7:54 AM > *To: *"wireless-lan@listserv.educause.edu" < > WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> > *Subject: *Re: [WIRELESS-LAN] EAP-TLS > > > > Our campus isn't comfort

Re: [WIRELESS-LAN] EAP-TLS

15, 2017 at 7:54 AM To: "wireless-lan@listserv.educause.edu" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] EAP-TLS Our campus isn't comfortable with an open ESSID without verifying the identity of the user, so that's the value of eduroam - identity. ** Partic

RE: [WIRELESS-LAN] EAP-TLS

-Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Misra, Sapna Sent: Tuesday, August 15, 2017 11:38 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] EAP-TLS Hi Bruce, I am curious about

RE: [WIRELESS-LAN] EAP-TLS

7 11:49 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] EAP-TLS > On Aug 11, 2017, at 6:45 AM, Osborne, Bruce W (Network Operations) > <bosbo...@liberty.edu> wrote: > > Jerry, > > > > I find some of your comments interesting. We have many things in

Re: [WIRELESS-LAN] EAP-TLS

to:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU >> <mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>] On Behalf Of Hunter Fuller >> Sent: Tuesday, August 15, 2017 10:54 AM >> To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU >> <mailto:WIRELESS-LAN@listserv.educause.edu> >> Subj

Re: [WIRELESS-LAN] EAP-TLS

esday, August 15, 2017 10:54 AM > To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU > <mailto:WIRELESS-LAN@listserv.educause.edu> > Subject: Re: [WIRELESS-LAN] EAP-TLS > > Our campus isn't comfortable with an open ESSID without verifying the > identity of the user, so that's the value of edur

Re: [WIRELESS-LAN] EAP-TLS

> On Aug 15, 2017, at 10:47 AM, Jeffrey D. Sessler > wrote: > > Couple of comments: > > eduroam – using your point of “…most users can access what they want > off-campus…”, what long-term value is there to eduroam? IMHO – not at lot. > Back in the day, this would

Re: [WIRELESS-LAN] EAP-TLS

@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Hunter Fuller *Sent:* Tuesday, August 15, 2017 10:54 AM *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU *Subject:* Re: [WIRELESS-LAN] EAP-TLS Our campus isn't comfortable with an open ESSID without verifying the identity of the user, so that's the value of eduroam

RE: [WIRELESS-LAN] EAP-TLS

for user to get on the network. From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hunter Fuller Sent: Tuesday, August 15, 2017 10:54 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] EAP-TLS Our campus isn't

Re: [WIRELESS-LAN] EAP-TLS

e. > > > > So for us one additional positive the EAP-TLS over PEAP but overall > user-auth has its value. > > > > > > > > -- > > Jason Cook > > Technology Services > > The University of Adelaide, AUSTRALIA 5005 > > Ph : +61 8 831

Re: [WIRELESS-LAN] EAP-TLS

t Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Tuesday, 15 August 2017 2:59 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] EAP-TLS One interesting trade-off: if I have good AD credentials and pop up a new

RE: [WIRELESS-LAN] EAP-TLS

: +61 8 8313 4800 -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Tuesday, 15 August 2017 2:59 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] EAP-TLS One

Re: [WIRELESS-LAN] EAP-TLS

Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> on behalf of Lee H Badman <lhbad...@syr.edu> Sent: Monday, August 14, 2017 11:28 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] EAP-TLS One interesting trade-off: if I have good AD credentials and pop up a new Mac or Win

Re: [WIRELESS-LAN] EAP-TLS

rom: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Curtis K. Larsen Sent: Monday, August 14, 2017 1:11 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] EAP-TLS Excellent Point. We did so

RE: [WIRELESS-LAN] EAP-TLS

nt: Monday, August 14, 2017 1:11 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] EAP-TLS Excellent Point. We did some testing with LDAP group lookups, etc. vs. checking for an attribute in a user certificate for authorization and found the performance to be significan

Re: [WIRELESS-LAN] EAP-TLS

<WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> on behalf of Curtis, Bruce <bruce.cur...@ndsu.edu> Sent: Monday, August 14, 2017 10:56 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] EAP-TLS > On Aug 11, 2017, at 7:45 AM, Bucklaew, Jerry <j...@buffalo.edu> wrote: > &g

RE: [WIRELESS-LAN] EAP-TLS

UCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jeffrey D. Sessler Sent: Friday, August 11, 2017 10:18 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] EAP-TLS I would do a cost/benefit/risk assessment. IMHO, some of the c

Re: [WIRELESS-LAN] EAP-TLS

erv.educause.edu" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] EAP-TLS To ALL: I am going to amend my initial request to “does anyone have any other reasons to switch to eap-tls besides the ones I list below”? I am trying to build a case for switching and want t

RE: [WIRELESS-LAN] EAP-TLS

Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: RE: [WIRELESS-LAN] EAP-TLS For certain types of devices (lab and loaner laptops, for example) there is support value in having network connectivity without the need for a user to log on. EAP-TLS is the only enterpris

RE: [WIRELESS-LAN] EAP-TLS

: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Bucklaew, Jerry Sent: Friday, August 11, 2017 8:45 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] EAP-TLS To ALL: I am going to amend my initial

RE: [WIRELESS-LAN] EAP-TLS

p Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Bucklaew, Jerry Sent: Thursday, August 10, 2017 3:36 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] EAP-TLS Lee, I want to state first that I am not, by any

RE: [WIRELESS-LAN] EAP-TLS

RACUSE UNIVERSITY syr.edu From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Bucklaew, Jerry Sent: Thursday, August 10, 2017 3:36 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] EAP-TLS Lee, I want to state first

RE: [WIRELESS-LAN] EAP-TLS

: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] EAP-TLS Jerry, Am curious your reasons for TLS, like if anything beyond "it's better". Concern for PEAP being deprecated, etc? Lee -Original Message- From: Bucklaew, Jerry [j...@buffalo.edu] Received: Thursday

Re: [WIRELESS-LAN] EAP-TLS

rsday, August 10, 2017 2:41 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] EAP-TLS To ALL: We currently do mac auth and EAP-PEAP authentication on our wireless network. I am trying to put together a proposal to move to cert based authentication and I was w

RE: [WIRELESS-LAN] EAP-TLS

To ALL: We currently do mac auth and EAP-PEAP authentication on our wireless network. I am trying to put together a proposal to move to cert based authentication and I was wondering if anyone has a proposal or justification already written as to why you should move to cert based auth?

Re: [WIRELESS-LAN] EAP-TLS Windows 8 and 10 Problems

evin McCormick Sent: Thursday, September 24, 2015 1:11 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] EAP-TLS Windows 8 and 10 Problems Clients on Windows 8 and 10 fail on boarding. Macs, Windows 7, IOS, and Androids does not seem to have any issues. The radius server is iss

Re: [WIRELESS-LAN] EAP-TLS Windows 8 and 10 Problems

serv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Kevin McCormick Sent: Thursday, September 24, 2015 1:11 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] EAP-TLS Windows 8 and 10 Problems Clients on Windows 8 and 10 fail on boarding. Macs, Windows 7, IOS, and Andr

RE: [WIRELESS-LAN] EAP-TLS Windows 8 and 10 Problems

roup Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Kevin McCormick Sent: Thursday, September 24, 2015 1:11 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] EAP-TLS Windows 8 and 10 Problems Clients on Windows 8 and 10 fail on boarding. Macs, Windows 7,

RE: [WIRELESS-LAN] EAP-TLS Windows 8 and 10 Problems

Office +1 919 274 7926 Mobile -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Kevin McCormick Sent: Thursday, September 24, 2015 12:00 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] EAP

RE: [WIRELESS-LAN] EAP-TLS Windows 8 and 10 Problems

Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Turner, Ryan H Sent: Thursday, September 24, 2015 12:56 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] EAP-TLS Windows 8 and 10 Problems Let me

Re: [WIRELESS-LAN] EAP-TLS Windows 8 and 10 Problems

We found a bug with the CloudPath onboarding and microsoft cert checking. We are using Microsoft NPS for the RADIUS server and it would randomly start saying that the certificate had been revoked. Cloudpath released an update for fix this issue. Upgrading the Enrollment Server fixed this for

Re: [WIRELESS-LAN] EAP-TLS Windows 8 and 10 Problems

-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] EAP-TLS Windows 8 and 10 Problems I know many of you are using EAP-TLS and CloudPath on boarding. We have ran in to an issue where some Windows 8 and 10 machines will say the server said the certificates are revoked, but they are not revoked. We