Not sure if it's the same problem, but I've got a 2012 MBA running 10.8.4 that's experiencing disconnects. Reading the logs it thinks it's still got an 802.1x connection when it tries to reconnect to the wireless, and it has a 169.254.x.x IP address. If I click Disconnect on the 802.1x connection in the Network preferences, it fully disconnects and loses its IP, but doesn't reconnect. The RADIUS server (Enterasys NAC) logs show it was authenticating successfully many times, often as little as 4 or 5 seconds apart, but it couldn't associate to the wireless once it did.
On 27/09/13 04:43, Julian Y Koh wrote: > On Sep 26, 2013, at 15:39 , Travis Schick <trsch...@ucdavis.edu> > wrote: >> >> I have found that this delay will go away if the cert used for WPA2 auth is >> updated to also always trust for SSL. > > That seems suboptimal. Not just because you need to get your clients to > change configs, but I wonder how that affects overall trust and if it opens > you up to other holes. For example, does changing that setting on the client > mean that you won't be able to revoke that certificate? What if your > certificate and key get stolen and then used to set up a malicious site > somewhere? The SSL certificate (actually, the CA that signs it) is already set to always trust for everything. > Someone else can do that testing. :) > > Another vendor is recommending that a timeout value for EAP responses be > raised from its default 5 second value to 30 seconds, since the Macs are > eventually responding - it just takes a long time in some cases. I've upped my RADIUS timeout to 30 seconds (from 15), I'll see if that has any effect. -- James Andrewartha Network & Projects Engineer Christ Church Grammar School Claremont, Western Australia Ph. (08) 9442 1757 Mob. 0424 160 877 ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.