802.1x Authentication for University Network Fails After 10.5.5 Update
Hi everyone, I hope that someone might be able to help me with my problem. I used to connect to the internet through my university's network at my dorm using the ethernet connection. Even before when I was using 10.5.4 I had to do the 802.1x authentication manually after every boot.
Now that I updated to 10.5.5 everytime I try to connect it tells me "802.1x Authentication has failed", does anyone have similar problems, solutions??? This is everything the IT department's homepage has to offer: http://www.unibz.it/ict/8021x_mac1/index.html?LanguageID=EN&
Thanks a lot!
Btw, it seems the update somehow messed up Timemachine as well, but that doesn't bother me as much as the internet connection.
Hi,
You probably need to install a root certificate into your Mac's system keychain so that your Mac knows it can trust the University's Certificate Authority (CA).
They should be able to provide you with a file for the CA and instructions.
cheers
Similar Messages
-
Extending wireless network fails after 7.5.2 update
I have two Airport Extremes; one creating a network that is allowed to be extended and the other is used to extend the network. This worked fine until the 7.5.2 update I installed. Now the relay is unable to connect and I get the error "This wireless network cannot be extended". All I did was to update the firmware on both airports; I am running the latest 5.5.2 Utility, latest Snow Leopard.
Did Apple break this feature?Welcome to the discussions, Paul!
Did Apple break this feature?
Not that we can tell based on forum questions, and our own experience, but anything is possible, especially if you tried the update over wireless.
Have you power cycled the complete network? If not...
Power everything down, order is not important. Wait a few minutes
Start the modem first and let it run by itself for 4-5 minutes
Start your AirPort Exptreme the same way
Start your AirPort Express the same way
Start your devices the same way
Any other troubleshooting steps that you have taken to this point? -
I have been using facetime on my iphone5 for a while and after the recent IOS update, I cannot seems to use my facetime any longer. what went wrong?
'The installer has insufficient privileges to modify this file C:\Program Files (x86)\Common Files\Apple\Apple Application Support\Web kit.resources\inspector\Images\Spinner Inactive Selected.gif.'
That one's consistent with disk/file damage. The first thing I'd try with that is running a disk check (chkdsk) over your C drive.
XP instructions in the following document: How to perform disk error checking in Windows XP
Vista instructions in the following document: Check your hard disk for errors
Windows 7 instructions in the following document: How to use CHKDSK (Check Disk)
Select both Automatically fix file system errors and Scan for and attempt recovery of bad sectors, or use chkdsk /r (depending on which way you decide to go about doing this). You'll almost certainly have to schedule the chkdsk to run on startup. The scan should take quite a while ... if it quits after a few minutes or seconds, something's interfering with the scan.
Does the chkdsk find/repair any damage? If so, can you get an install to go through properly afterwards? -
802.1x authentication for win XP2 client
HI,
I am using Aironet 1200 AP, ACS 3.3 with 802.1x authentication, when I am enabling win XP utility insted of Cisco ACU it's wait for certificate credentials.
I installed CA authority in windows 2000 server. But i am unable to accessing wireless network with 802.1x authentications
Please help on this required configuration of CA role in server side and Client side.Hi,
You probably need to install a root certificate into your Mac's system keychain so that your Mac knows it can trust the University's Certificate Authority (CA).
They should be able to provide you with a file for the CA and instructions.
cheers -
SCCM 2012 - 802.1x authentication for zero touch installation
Hi guys,
I'm setting up a demo environment for sccm 2012. Our customer has the requirement to enforce 802.1x authentication (username & password without certificates) on the network. So I need a 802.1x integration into the WinPE image, that clients can access
the install vlan instead of the guest vlan during the zero touch Windows 7 OS install process.
What I did before:
- mount the SCCM modified WinPE image (boot.XXX99999.wim)
- integration of the KB972831 hotfix into the WinPE
- creation of a lan profile and eap profile file
- copy both files into the mounted image
- creation of new wim file
I've booted the boot wim via a usb stick to test the 802.1x integration with the following commands:
net start dot3svc
=> The Wired AutoConfig service was started successfully
netsh lan add profile filename="X:\8021x\Local Area Connection.xml " interface="Local Area Connection"
=> The profile was added successfully on the interface Local Area connection
netsh lan set eapuserdata filename=x:\8021x\Wired-WinPE-UserData-PEAP-MSChapv2.xml allusers=yes interface="Local Area Connection"
=> Error setting user data for interface Local Area Connection. The operation is not supported.
Actually I can't post web links here. If the files are needed I can send them per mail.
What can I do to solve this problem?
Thanks!
Regards
BastianHi!
Did you gave a look at this website: http://myitforum.com/cs2/blogs/lakey81/archive/2011/07/06/configuring-802-1x-network-authentication-for-winpe-3-0-and-configmgr-deployments.aspx
I've followed those steps and it worked as a charm, even for WinPE 4.0.
If you have questions let me know.
Cheers. -
hey guys, i just installed Arch Linux, and the first thing i did waas update the whole system via pacman -Syu. (i installed arch using the BASE iso only, so only the base system was installed) it downloaded all the updates for my system and installed them. I then installed Xorg, then gnome, then the Nvidia modules and put it in my rc.conf modules section.
upon rebooting, it says "network [FAILED]" resulting in no internet (on the bright side my Nvidia xorg worked out)
Trying a ifconfig eth0 down then back up results in it doing nothing. When looking at the output of ifconfig, eth0 does not show an ipaddress, however its jhardware address, so i fugre it is no accepting an IP address. I tried dhcpcd eth0 and again, it stalls for a bit then nothing. I checked my Dmesg and nothing relevant appears after running those commands except it sayins Eth0 link changed 100Mbps or somthing along those lines.
Keep in mind, the internet worked fine, obviously, since i updated the whole system upon a fresh install. I am stumped on what has happened!
Any ideas?
-Bolerobolero wrote:
hey guys, i just installed Arch Linux, and the first thing i did waas update the whole system via pacman -Syu. (i installed arch using the BASE iso only, so only the base system was installed) it downloaded all the updates for my system and installed them. I then installed Xorg, then gnome, then the Nvidia modules and put it in my rc.conf modules section.
upon rebooting, it says "network [FAILED]" resulting in no internet (on the bright side my Nvidia xorg worked out)
Trying a ifconfig eth0 down then back up results in it doing nothing. When looking at the output of ifconfig, eth0 does not show an ipaddress, however its jhardware address, so i fugre it is no accepting an IP address. I tried dhcpcd eth0 and again, it stalls for a bit then nothing. I checked my Dmesg and nothing relevant appears after running those commands except it sayins Eth0 link changed 100Mbps or somthing along those lines.
Keep in mind, the internet worked fine, obviously, since i updated the whole system upon a fresh install. I am stumped on what has happened!
Any ideas?
-Bolero
If I had to take a guess, your /etc/rc.conf was overwritten and perhaps the necessary kernel module for your nic isn't being loaded. -
Extended network fails after 24hrs
Hi,
This has been bothering me for a while now. Hope someone can help.
I have an Airport Extreme offering a wireless network in my home. I've set it to allow an extended network.
Recently I purchased an Airport Express and set it up to extend the existing network.
This all works fine for a while, but after about a day the network falls over. My Mac says the network is still there, however I can't access the internet (w/ Safari) anymore.
When I reset the Extreme (i.e. power off/on), the network comes back on for another 24hrs at which time I have to reset the Extreme again... This can't be the intended design.
If I switch off the Express, there are no problems whatsoever. Its when I switch the Express on that the network "expires" after about 24hrs and requires a daily reset of the Extreme.
Also interesting to note is that I have a computer connected to the Extreme via UTP-cable and *that* doesn't suffer from any connectivity problems after 24hrs.
However, running the Airport Utility when the network is down -- either wirelessly or on the wired PC -- doesn't find the Extreme until I've reset it.
Any suggestions as to what might be the cause and what I could try before calling Apple would be greatly appreciated.
[UPDATE]: My problem looks a bit like this: http://is.gd/tqU7GJ I'm trying the solutions offered there and updating here as I I try out stuff. Don't let that stop you from offering extra/alternate options though ;-)
1. Set logging from 5 to 3 [23-Apr-2011 11:50]
Message was edited by: MausySofar (since May 11) nothing new. Everything working flawlessly. As far as I'm concerned it looks like the logging level on the Express did the trick.
For future reference, here are the (I think relevant) settings that currently seem to work best:
Airport Express:
* Wireless mode = Extend a wireless network
* Using DHCP
* AirTunes enabled
* Syslog level = 3
* Allow SNMP = off
* IPv6 mode = Link-local only
Airport Extreme:
* Wireless mode = Create a wireless network
* Radio mode and channel selection = Automatic (using wide channels)
* Guest network enabled
* DHCP reservation enabled for the Express
* DHCP lease time: 1 day
* NAT enabled @ 10.0.1.253
* Syslog level = 5 (hmm...)
* IPv6 Mode = Link-local only -
Unable to set the ip address for hosted network client after creating WIFI hotspot
Original Title: INTERNET CONNECTIVITY PROBLEM WITH MY LAPTOP WIFI HOTSPOT
HI all
I am able to use internet connection from my lap hotspot, when the internet source is Public or private wifi.
so I know the cmd window commands for hotspot and settings of client(sharing to hosted network client, assigning IP address etc.,)
but the problem I am facing is slight different
I am using my cdma wireless broadband datacard as my source internet connection(Reliance netconnect +)
when I try to create hotspot for this, as usual I am able to create the hotspot and able to share the internet to hostednework client.
but I am unable to set the ip address for hosted network client, if I try to set ip 192.169.137.1 and 255.255.255.0
as soon as I close the window, the ip address also disappears
when connect my android phone to that hotspot, it is able to connect but there is no internet connectivity.
when I check the hostednetwork client for packet transmission, both sent and received packet is happening., I mean transmitting
so what cause the failure in internet connectivity but success in hotspot connectivity?
check the screen shots...
can u help me..
its little complicatedHi,
Please make sure the Ad hoc connection IP adress is at the same range with your local connection. In addition, how about recreate the ad hoc connection for test, please have a try.
If problem persists, please use Network troubleshooter in Action Center to fix this problem for test.
Roger Lu
TechNet Community Support -
Time Capsule - Can't change network password after 10.6.3 update
Has anyone else experience an issue changing the Time Capsule network password after updating to Snow Leopard 10.6.3? If so did you find a work around? After the update I'm no longer able to change the Time Capsule network password when accessing it from Airport Utility. The utility will say that Time Capsule has updated the network password to the new one but when I check keychain it shows the old password. I tried resolving this by deleting the original keychain then changing it again in Airport Utility but it still shows the old password in the keychain and Airport Utility when I reopen the app.
HI,
Checkthe vendor site for Snow Leopard compatibility. The developer may need to update their software.
http://www.toonboom.com/support/
Carolyn -
Problems with network access after applying batch of updates
Hi all,
Yesterday, I've applied a batch of updates to my Windows Server 2012 Hyper-V server. All went good, but after the reboot I was not able to access... Microsoft website for update download, or WSUS to Report and detect updates.
For my troubleshooting I did:
ping www.microsoft.com (DNS goes well)
With Wireshark running, did a http request to www.microsoft.com and I don't see any request leaving the NIC. This goes to *.microsoft.com
This happens either with or without Proxy set up.
I've reset Internet Explorer Settings, all with no luck.
When trying over our WSUS, I get error 80244019, and with wireshark I can see that WSUS may not be able to get the updates because it is replying with 404 not found.
HEAD /Content/C5/EC7E6D6C8063BF4424CE2EC75EBC977953CF11C5.cab HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.6
Host: srv-dc-sys:8530
HTTP/1.1 404 Not Found
Content-Length: 1245
Content-Type: text/html
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Wed, 14 Jan 2015 10:34:49 GMT
HEAD /Content/C5/EC7E6D6C8063BF4424CE2EC75EBC977953CF11C5.cab HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.6
Host: srv-dc-sys:8530
HTTP/1.1 404 Not Found
Content-Length: 1245
Content-Type: text/html
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Wed, 14 Jan 2015 10:34:49 GMT
HEAD /Content/C5/EC7E6D6C8063BF4424CE2EC75EBC977953CF11C5.cab HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.6
Host: srv-dc-sys:8530
HTTP/1.1 404 Not Found
Content-Length: 1245
Content-Type: text/html
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Wed, 14 Jan 2015 10:34:49 GMT
Seems to me two issues here. One I might workaround with deleting the WSUS content, and let WSUS resync(may solve).
The other... It's strange because can't seem to have www.microsoft.com leave my nic...
As part of the troubleshooting, I have two nics teamed, 1 nic for live migration, 1 nic for cluster network, and teaming, obviously has itself a single default gateway.
What can I do to go forward?
PS: One last finding. In WSUS this server does not report since 13th January at 11:00 a.m. I've forced it to report, and still no update/report
Nuno SilvaHi Nuno,
Do you mean that you can't see a HTTP request of
www.microsoft.com when you access it with Internet Explorer?
Can you successfully access the www.microsoft.com with the Internet Explorer? If yes, it should be normal. Because
www.microsoft.com is a CNAME.
>>but after the reboot I was not able to access... Microsoft website for update download, or WSUS to Report and detect updates.
Please try to update from Microsoft Update. Then post the windowsupdate.log here. It may give some hints.
Best Regards.
Steven Lee Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
Network slow after 10.4.5 update
Hi there, after installing the 10.4.5 update my PowerBook 12" is really slow when accessing network services. Web, Mail are impossibly slow.
I have a cable modem broadband connection with a Belkin wireless router sharing the connection. The laptop connects via Airport and uses DHCP for autoconfiguration.
I have tried the fix suggested on MacFixit of putting the DNS manually in the TCP/IP settings. Also I have turned off IPv6 which was also suggested to no avail.
My other laptops with earlier system revisions are running fine (I am using one to write this) and I have tried the Mac on another network with the same effect so it has to be something that 10.4.5 has done to my poor alubook
Can anyone help please.
PowerBook 12" 867Mhz 1.12GB RAM Mac OS X (10.4.5)This was offered by MacFixit: Friday, February 24 2006 @ 09:30 AM PST
Mac OS X 10.4.5 (#9): Another fix for network slowness -- re-applying the combo updater; SIIG FireWire card not working; more
Another fix for network slowness -- re-applying the combo updater Over the past few days we've outlined a number of fixes for network slowness that occurs after the update to Mac OS X 10.4.5, including entry of a DNS address, toggling of IPv6 and more.
We've now received notes indicating that a tried and true workaround for various issues -- re-applying the Mac OS X 10.4.5 combo updater (as noted in our general workarounds for 10.4.5) -- can have beneficial effects in this case as well.
MacFixIt reader Fred Moore writes:
"After much thrashing about and wasted time, I appear to have solved both the slow web page loading as well as my email sending problems in one stroke. Guess how: download the Mac OS X 10.4.5 combo updater and reapply it. This nonsense has cost me a lot of time but everything seems to work now. IPv6 is set back to Automatic, there is no entry in the Network prefs DNS server field, and my email sending works perfectly (so far; I've sent a bunch of tests). Why didn't I just download the combo updater and apply from my hard drive at the beginning? Well, Software Update should (yes, I know, I know...) work. I'll never again use Software Update for a system update." -
No Wi-Fi Network Found After IOS7.0.2 Update
After installing IOS7.0.2 my iPhone 4s searches for but cannot find any Wi-Fi networks.
None of the reset activities in the various replys work. I even reinstall IOS4.0.2 and the problem remains: the 4s does a brief search for a network (spinning wheel) and finds no network even though there are 3 available that work with other iPhones. Other locations with other networks yield the same result.
-
I am not able to make a facetime call after my recent iOS update. It is still saying that I need to connect to wifi when I try to do so. Does not give use cellular option in my general settings.
You will need to contact Sprint and find out what data plan you need.
I'm with AT&T with unlimited data in order for me to use cellular data for facetime, I would need to sign up for a different plan. -
Cisco ISE 1.3 using 802.1x Authentication for wireless clients
Hi,
I have stumbled into a strange issue trying to authenticate a user over wireless. I am using PEAP as the authentication protocol. I have configured my authentication and authorization policy but when I come to authenticate the authorization policy selected is the default which denies access.
I have used the 802.1x compound conditions for matching the machine authentication and then the user authentication
MACHINE AUTHENTICATION
match
framed
Wireless
AD group (machine)
USER AUTHENTICATION
match
framed
Wireless
AD group (USER)
was authenticated = true
Below are steps taken to authenticate any ideas would be great.
11001 Received RADIUS Access-Request
11017 RADIUS created a new session
15049 Evaluating Policy Group
15008 Evaluating Service Selection Policy
15048 Queried PIP
15048 Queried PIP
15048 Queried PIP
15006 Matched Default Rule
11507 Extracted EAP-Response/Identity
12300 Prepared EAP-Request proposing PEAP with challenge
11006 Returned RADIUS Access-Challenge
11001 Received RADIUS Access-Request
11018 RADIUS is re-using an existing session
12302 Extracted EAP-Response containing PEAP challenge-response and accepting PEAP as negotiated
12318 Successfully negotiated PEAP version 0
12800 Extracted first TLS record; TLS handshake started
12805 Extracted TLS ClientHello message
12806 Prepared TLS ServerHello message
12807 Prepared TLS Certificate message
12810 Prepared TLS ServerDone message
12305 Prepared EAP-Request with another PEAP challenge
11006 Returned RADIUS Access-Challenge
11001 Received RADIUS Access-Request
11018 RADIUS is re-using an existing session
12304 Extracted EAP-Response containing PEAP challenge-response
12305 Prepared EAP-Request with another PEAP challenge
11006 Returned RADIUS Access-Challenge
11001 Received RADIUS Access-Request
11018 RADIUS is re-using an existing session
12304 Extracted EAP-Response containing PEAP challenge-response
12305 Prepared EAP-Request with another PEAP challenge
11006 Returned RADIUS Access-Challenge
11001 Received RADIUS Access-Request
11018 RADIUS is re-using an existing session
12304 Extracted EAP-Response containing PEAP challenge-response
12318 Successfully negotiated PEAP version 0
12812 Extracted TLS ClientKeyExchange message
12804 Extracted TLS Finished message
12801 Prepared TLS ChangeCipherSpec message
12802 Prepared TLS Finished message
12816 TLS handshake succeeded
12310 PEAP full handshake finished successfully
12305 Prepared EAP-Request with another PEAP challenge
11006 Returned RADIUS Access-Challenge
11001 Received RADIUS Access-Request
11018 RADIUS is re-using an existing session
12304 Extracted EAP-Response containing PEAP challenge-response
12313 PEAP inner method started
11521 Prepared EAP-Request/Identity for inner EAP method
12305 Prepared EAP-Request with another PEAP challenge
11006 Returned RADIUS Access-Challenge
11001 Received RADIUS Access-Request
11018 RADIUS is re-using an existing session
12304 Extracted EAP-Response containing PEAP challenge-response
11522 Extracted EAP-Response/Identity for inner EAP method
11806 Prepared EAP-Request for inner method proposing EAP-MSCHAP with challenge
12305 Prepared EAP-Request with another PEAP challenge
11006 Returned RADIUS Access-Challenge
11001 Received RADIUS Access-Request
11018 RADIUS is re-using an existing session
12304 Extracted EAP-Response containing PEAP challenge-response
11808 Extracted EAP-Response containing EAP-MSCHAP challenge-response for inner method and accepting EAP-MSCHAP as negotiated
15041 Evaluating Identity Policy
15006 Matched Default Rule
22072 Selected identity source sequence
15013 Selected Identity Source - AD1
24430 Authenticating user against Active Directory
24325 Resolving identity
24313 Search for matching accounts at join point
24315 Single matching account found in domain
24323 Identity resolution detected single matching account
24343 RPC Logon request succeeded
24402 User authentication against Active Directory succeeded
22037 Authentication Passed
11824 EAP-MSCHAP authentication attempt passed
12305 Prepared EAP-Request with another PEAP challenge
11006 Returned RADIUS Access-Challenge
11001 Received RADIUS Access-Request
11018 RADIUS is re-using an existing session
12304 Extracted EAP-Response containing PEAP challenge-response
11810 Extracted EAP-Response for inner method containing MSCHAP challenge-response
11814 Inner EAP-MSCHAP authentication succeeded
11519 Prepared EAP-Success for inner EAP method
12314 PEAP inner method finished successfully
12305 Prepared EAP-Request with another PEAP challenge
11006 Returned RADIUS Access-Challenge
11001 Received RADIUS Access-Request
11018 RADIUS is re-using an existing session
12304 Extracted EAP-Response containing PEAP challenge-response
24423 ISE has not been able to confirm previous successful machine authentication
15036 Evaluating Authorization Policy
15048 Queried PIP
15048 Queried PIP
24432 Looking up user in Active Directory - xxx\zzz Support
24355 LDAP fetch succeeded
24416 User's Groups retrieval from Active Directory succeeded
15048 Queried PIP
15048 Queried PIP
15004 Matched rule - Default
15016 Selected Authorization Profile - DenyAccess
15039 Rejected per authorization profile
12306 PEAP authentication succeeded
11503 Prepared EAP-Success
11003 Returned RADIUS Access-Reject
5434 Endpoint conducted several failed authentications of the same scenario24423 ISE has not been able to confirm previous successful machine authentication
Judging by that line and what your policy says, it appears that your authentication was rejected as your machine was not authenticated prior to this connection.
first thing to check is whether MAR has been enabled on the identity source. second thing to check is whether your machine is set to send a certificate for authentication. there are other things you can look at but I'd do those two first.
log off and on or reboot and then see if you at least get a failed machine auth on the operations>authentication page and we can go from there. -
Refresh FAST for Materialized View failed after Partition Operation
Dear all,
I have created a Materialized View having a simple join between a Dimension and Fact Table of a Datawarehouse. The MV is REFRESH FAST ON DEMAND.
However, when a Partition Maintenance Operation (PMOP) was performed on the Master Tables, the MV failed to Refresh giving a ORA-32313 error.
As suggested on one of the troubleshooting websites, we did a complete refresh of the MV and fixed it temporarily. However, I would like to know the exact cause for this and would like to have a permanent fix for the same.
Can the DBA for this Database provide me the answers or are there some standard troubleshooting steps for the same?
Please let me know.
Best,
KetanHello Maurice,
Here are the answers to your questions.
1) Database is Oracle 9i.
2) We have a stored procedure to refresh the MV. The command is dbms_mview.refresh('SALES_FACT_MV','f'). It was working fine daily. Only after a PMOP was done on the Master Tables, it failed to refresh. We have also created indexes on some columns of the MV for performance improvement. We are getting a very good improvement.
3) We have MV logs for both Master Tables to store the incremental values.
4) We are not able to get the output from DBMS_MVIEW.EXPLAIN_MVIEW since this can be done only by the DBA. WIll update you once I have the info.
5) Same as Point 2.
Let me know if you need any further info.
Thanks, Ketan
Maybe you are looking for
-
hi guys, any BAPI/FM that can be used to upload PGI, i need to put in the storage location for every DO
-
My parents are interested in switching from our current cable provider to FiOS . The primary reason for wanting to switch is due to intermittent service issues with the current provider. The issue is months old with no resolution. 1. They send a tech
-
Settings of audit_syslog_level
Hello, I have a technical question concerning the setting of parameter audit_syslog_level: we are recommended to audit events err, crit, alert and emerg. But in parameter audit_syslog_level I can only define one combination, for example: audit_syslog
-
Hello, Does anybody knows if there is a version/or will be a version of CEW (configuration express wizard) for SAP 2007 and SQL2008 or SAP 8.8 As far as I know the tool works on SAP2007 and SQL2005 but when it runs on a sql2008 I get the following er
-
AI opens slowly, then when it finally does open, everything is outlined
Slowly over the past couple of weeks, AI has been getting slower and slower. It finally has decided to open all files like this image and I can't figure out how to view the workspace normally. Any tips? Should I reinstall? (Running AI CC 2014 on OSX