-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
At 17:00 -0400 7/22/2008, John York wrote:
I'm sure someone has gotten this to work before. Does authenticating to
an ldap server mean we are forced to use EAP-TLS with client certs,
install some client on the student machines, or is there another
Is anyone else still seeing erratic behavior with any iPhones/iPod
Touches running 2.0? I have had some strange problems with mine and
some others here. When trying to connect to my WPA2 PEAP-MSCHAPv2
network, for a while it wouldn't prompt me to accept our self-signed
cert. After resetting the
Branden,
We are using Autoconnect here with LDAP/ACS 3.3. We are not using the
Idengies Ignition Server. We didn't have to make any modifications. We
were able to drop Autoconnect into our existing deployment without
incident.
Regards,
J. Bart Casey
Network Engineer
Wofford College
If you're using ACS with an external LDAP database then you're limited
to EAP-FAST, PEAP-GTC, or EAP-TLS according to the ACS documentation. We
did run into a similar problem but decided to access the user database
via RADIUS instead (we have a proprietary, home-grown system which is
accessible
We have seen a few things so far, I consider these circumstantial but
very consistent:
- some users want to simply point at the secure SSID without
setting up the profile. In the iPhone, I see no prompting at all for any
certs, etc., just spins it's obnoxious little wheel until it times
Wireless has been smooth for those using it with WPA2 enterprise. But it was
installed with the iphone config tool. Added cert trust settings there.
-Original Message-
From: Barber, Matt [EMAIL PROTECTED]
Subj: Re: [WIRELESS-LAN] iPhone 2.0 news
Date: Wed Jul 23, 2008 7:17 am
Size:
Thanks for the summary Lee. I am totally on-board with the ability to
do WPA Enterprise at all being great. I just wanted to make sure I
wasn't the only one seeing some strangeness.
I was going to take a look at the config tool anyway, but I will give
that a shot and then see what issues
We are a Cisco LWAPP shop and have a PEAP/WPA secure wireless network.
For our certificates we have a PKI which is trusted through GTE Cyber
Trust Global Root. When a first time user connects to the wireless they
are prompted with a window that tells them that the certificate is not
trusted. So
You could try a different Radius server... we use Radiator
(http://www.open.com.au/radiator/) but eg FreeRADIUS
(http://freeradius.org/) is also a good choice. Both support a wide
variety of EAP methods, including PEAP and EAP-TTLS. Actually, we
support both on our wireless network (but prefer
I highly recommend Freeradius.org.
But if Linux is not your thing, I think IDengines might be able to pull this
off.
On Wed, Jul 23, 2008 at 10:27 AM, Jeroen van Ingen
[EMAIL PROTECTED] wrote:
You could try a different Radius server... we use Radiator
(http://www.open.com.au/radiator/) but
I am not aware of a way to automatically set the trust settings within OS X
10.4 (Mac said this was a security feature so user had to validate the trust of
EAP certificates).
Leopard however has been changed so that is something that can somehow be set
automatically.
On the windows supplicant
11 matches
Mail list logo