Wifi w/WPA/WPA2 Enterprise

Similar Messages

• HT4718 would i be able to use the lion internet recovery since my college uses WPA/WPA2 Enterprise wifi?

  would i be able to use the lion internet recovery since my college uses WPA/WPA2 Enterprise wifi? Im confused becasue this exact one is not listed under apples page about os x recovery.

  Probably not.  You'd need to go somewhere that Internet isn't on a locked-down wireless network.
  See this for specifics.  "It depends."
  http://support.apple.com/kb/HT4718

• Administrative credentials when adding a WEP/WPA/WPA2 Enterprise wifi profile?

  Hello,
  Why do users need to provide administrative credentials when they install a configuration profile containing installation of a WEP Enterprise or WPA/WPA2 Enterprise Wifi-profile? This is not the case when installing a Wifi-profile usning standad WEP, WPA or WPA2.
  Is this a bug? It confuses users with user profiles when they need to confirm the installation with administrative credentials.

  I don't know the answer to your question. Maybe you can find something here:
  http://training.apple.com/pdf/WP_8021X_Authentication.pdf

• WPA/WPA2 Enterprise Support -  Please Apple PLEASE!

  I have been searching through this discussion board and I have found many discussions like this one.
  http://discussions.apple.com/thread.jspa?threadID=1106197&tstart=0
  People who complain of not being prompted for a Username and Password for WiFi access are complaining of lack of WPA/WPA2 Enterprise Support for Apple's iPhone. Many college campuses, major workplaces and public libraries use WPA/WPA2 Enterprise support, which prompt you for a Username AND Password.
  Why doesn't Apple's iPhone support one of the most common WiFi protocal's in today's world?
  If Apple doesn't implement WPA/WPA2 Enterprise support, many people are going to look for alternative ways to connecting to a WPA/WPA2 Enterprise WiFi network with their iPhones. Example: hacking their iPhone and using a risky 3rd party application.
  I STRONGLY recommend to Apple to get on this as soon as possible...
  Does anyone know if Apple is working on this currently?
  Thank You!

  This is a user to user help forum only so no one here knows what Apple is working on.
  http://www.apple.com/feedback/iphone.html

• Connecting to WPA/WPA2 Enterprise Network

  I am trying to configure an Apple TV to connect to our corporate network. I have a service account in AD that I am using in the profile, have pointed to our cert and trusted it in the profile, selected WPA/WPA2 Enterprise, and selected PEAP as the 802.1X authentication. I have done this after going over the settings with our network security engineer. Everything looks correct. After installing the profile and connecting it to the TV, I can only get a 169.X.X.X address (should be our private WiFi network of 10.9.X.X. Has anyone successfuly done this?

  This is a user to user help forum only so no one here knows what Apple is working on.
  http://www.apple.com/feedback/iphone.html

• Connecting to WPA/WPA2-Enterprised network

  hi all,
  i just came to mcgill and was trying to connect to the school network. But it kept saying something like 'authorization failed'. School website has only instructions for BlackBerrys:
  "Select wpa.mcgill.ca * (WPA/WPA2-Enterprise). Fill in the following fields:
  Name: wpa.mcgill.ca *
  SSID: wpa.mcgill.ca *
  Security Type: PEAP
  User Name: McGill Username
  User password: McGill Password
  CA Certificate: Thawte Premium Server CA
  Inner Link Security: EAP-MS-CHAP V2
  Token: None Selected
  Server subject: blank
  Server San: blank                                                                         "
  Help plz
  Solved!
  Go to Solution.

  idecline wrote:
  hi all,
  i just came to mcgill and was trying to connect to the school network. But it kept saying something like 'authorization failed'. School website has only instructions for BlackBerrys:
  "Select wpa.mcgill.ca * (WPA/WPA2-Enterprise). Fill in the following fields:
  Name: wpa.mcgill.ca *
  SSID: wpa.mcgill.ca *
  Security Type: PEAP
  User Name: McGill Username
  User password: McGill Password
  CA Certificate: Thawte Premium Server CA
  Inner Link Security: EAP-MS-CHAP V2
  Token: None Selected
  Server subject: blank
  Server San: blank                                                                         "
  Help plz
  Try configuring your N97 with these instructions:
  Since your WLAN network seems to require more advanced PEAP authentication settings you should probably create / edit appriate WLAN connection profile, known as (Internet) Access Point, manually in a following manner:
  1. Go to Tools -> Settings -> Connection -> Network Destinations
  2. Check if your earlier failed attempt to connect has already created an non-funtional IAP named as your WLAN network SSID (look for a entry named wpa.mcgill.ca) under "Internet" destination.
  3. If you can see existing IAP named as your WLAN SSID then you can Edit that one with necessary changes. (skip to 7.)
  4. If you don't see any existing IAPs that are named like your WLAN network then go to the desired "Destination" (e.g. Internet) and select Options -> Add Connection Method.
  5. Assuming you are in the coverage area of your WLAN network you can let phone "Automatically check for connection methods" (i.e. phone scans available WLAN networks) and you should be able to select the correct WLAN network name (wpa.mcgill.ca) from the list. Once you have selected the WLAN network your "Internet" Destination should now have been added with a new Access Point (IAP) that is named "wpa.mcgill.ca". Note that at this point the particular connection method is still incorrectly configured for your purposes (since by defaul it has EAP-SIM & EAP-AKA authentication methods enabled).
  6. Now you should manually Edit your newly created wpa.mcgill.ca Internet Access Point with necessary PEAP settings.
  7. Configure following WLAN and authentication settings:
    "Connection name" defaults to name of your WLAN network (wpa.mcgill.ca) but you can also change this if you wish
  - "Data Bearer" naturally needs to be "Wireless LAN"
  - "WLAN network name" should match your WLAN network's name (SSID) exactly (wpa.mcgill.ca)
  - "Network status": Public
  - "WLAN network mode": Infrastructure
  - "WLAN Security mode": WPA/WPA2
   => Go to "WLAN security settings"
  - Ensure that "WPA/WPA2 mode is set to "EAP"
  - Leave "WPA-2 Only mode" to "OFF" unless you are absolutely sure that your WLAN network is configured to stricly pure WPA2 mode (i.e. network might be configured to support both WPA and WPA2 security thus enabling WPA-2 Only mode on the phone will cause all your connection attempts to fail).
   => Go to "EAP plug-in configuration"
  - Enable "EAP-PEAP" and make sure that "EAP-SIM" and "EAP-AKA" are disabled (via Options -> Disable)
   => Select "Configure" for EAP-PEAP authentication method
   - Leave "Personal Certificate" to "Not defined"
  - Select "Thawte Premium Server CA" to be used as an "Authority certificate"
  - Set "User name in use" to "User defined" (since there is no Personal Certificate where it could be read automatically)
  - Enter your username (McGill Username) to "Username" field
  - Set "Realm in use" to "User defined" and leave following "Realm" field empty.
  - Note that in case your username (McGill Username) contains the realm (i.e. format is username@realm ) then you can enter realm part of your ID to "Realm" field and enter only the username part to the "Username" field.
  - Configure "Allow PEAPv0" to Yes
  - Configure both "Allow PEAPv1" and "Allow PEAPv2" to "No"
  => Go to "EAP's" tab to configure inner authentication method for the PEAP (use the small arrow pointing right on top of the screen to move between tabs)
  - Enable "EAP-MSCHAPv2" authentication method and Disable all other methods (Option -> Enable / Disable)
  - Select "Edit" for the EAP-MSCHAPv2
  - Enter you username (McGill Username) to "User name" field
  - Configure "Prompt password" to No or Yes depending on whether you want your password to be prompted everytime you make an connection or if you prefer saving your password to following "Password" field permanenly so that it won't be prompted during everytime you connect to this WLAN network with PEAP/EAP-MSCHAPv2 authentication.
  - If you you selected "No" to password prompting then enter your password (McGill Password) to "Password" field.
  => Exit the configuration with "Back" (several times) and you should hopefully be able to connect with this setup.
  If needed you can also change the priority order of the connection methods (IAP's) within the Internet Destination since your new connection most likely ended up being lowest priority WLAN connection within your Internet destination. This should however not be a problem unless you have some other WLAN networks defined as an IAP and these other WLAN networks are simultaneously available at the location of the wpa.mcgill.ca WLAN network.
  Hope this helps you to get connected!!
  Message Edited by saataja on 17-Sep-2009 05:16 PM

• IOS 5 can't connect to WPA/WPA2 Enterprise Wireless Network

  After upgrading multiple iPhone 4 (CDMA versions) to IOS 5.0, I have not been able to get them to connect to our WPA/WPA2 Enterprise wirless network.  We use a Cisco Wireless LAN Controller.  The wireless network is capable of doing WPA or WPA2 Enterprise with PEAP.  These phones all connected to this network fine before the upgrade.
  When connecteding to the network, it prompts me for the username and password and when I tap join it sits for about 10-15 seconds then says "Unable to join the network" with a Dismiss button.
  It connects to non-Enterprise networks just fine.  I have tested it on WPA Personal and WPA2 Personal networks and it has worked on several without issue.
  I have tried "forget this network" with no success.
  Is anyone else having this problem?  I know of at least three Verizon iPhone 4's that have this exact same problem.  I haven't seen one working with this configuration yet.

  I have the same problem:
  Cisco WLC's -> WPA2 Enterprise AES + EAP-PEAP 802.1x with CCKM
  Pre 5.0 - all worked fine
  Post 5.0 - it tries to connect and after few moments i get error - couldn't connect.
  Info from controller:
  10/17/2011 12:16:37 CEST           INFO           172.16.16.X           Sending EAP request to client from radius server. 6.f. ..l
  10/17/2011 12:16:38 CEST           ERROR           172.16.16.X           Retransmitting EAP-ID request to client,retransmission timer expired. 5.y. ..l
  10/17/2011 12:16:39 CEST           ERROR           172.16.16.X           Retransmitting EAP-ID request to client,retransmission timer expired. 5.y. ..l
  10/17/2011 12:16:40 CEST           ERROR           172.16.16.X           Authentication failed for client as EAP ID request from AP reached maxmium retransmissions. 5.yp ..l
  10/17/2011 12:16:40 CEST           ERROR           172.16.16.X           De-authentication sent to client. 5.oP ..l
  10/17/2011 12:16:40 CEST           ERROR           172.16.16.X           5.yp ..l
  10/17/2011 12:16:40 CEST           ERROR           172.16.16.X           EAPOL-key is invalid, scheduling client for deletion. 5.yp ..l
  On the Radius server i don't see any activity regarding this device.
  I had this network configured on my iPhone - after upgrade and restore it remembered it. Every time i was in vicinity of my Enterprise WLAN it tried to connect - resulting int express battery drain - 6-7 hrs and battery was empty from 100%

• Free RADIUS/802.1X Service for WPA/WPA2-Enterprise

  Hi, just wanted to let everyone know that I recently started offering a Free Edition of our AuthenticateMyWiFi service, a hosted RADIUS/AAA service offering 802.1X authentication for use with WPA/WPA2-Enterprise encryption.
  The Free Edition features 1 user account, supports 1 AP, and includes: PEAP authentication for wireless and wired connections, web-based control panel, and activity logging.
  This is great for IT professionals wanting to experiment with 802.1X or to get enterprise Wi-Fi security in homes and small offices.
  For more info visit our site:
  http://www.nowiressecurity.com/service.htm
  - Eric Geier

  I recommend contacting Linksys support on the phone and ask them which model router has Radius or Enterprise WPA features. Some home class routers may not have this. Ask and see what is available. 

• Unable to Connect to WPA/WPA2-Enterprised network

  I work for a private company, and we have a WPA-Enterprised network. Company provide following settings for Blackberry users.
  Name : IxWLANP
  SSID: IxWLANP
  Band Type: 802.11 b/g
  User Name :
  Password:
  CA Certificate: None Selected
  Interlink Security : EAP-MS-CHAPV2
  Token: None
  Select Disable Server Certificate.
  What I have configured for my Nokia E72 is as follows:
  Connection Name: IxWLANP
  Data Bearer: Wireless LAN
  WLAN Network Name :IxWLANP
  Network Status: Public
  WLAN Network Mode: Infrastructure
  WLAN Security Mode : WPA/WPA2
  Under WLAN Security Settings
  WPA/WPA2: EAP
  Under Plug-in settings:
  EAP-PEAP only selected
  Under EAP-PEAP edit mode:
  Personal Certificate: Not defined
  Authority Certificate: Not Defined
  User Name In US: User Defined
  User Name: ******* (My User Name)
  Realm In Use: User Defined
  Realm: Blank
  TLS Privacy: OFF
  Allow PEAPv0 : yes
  Allow PEAPv1 :No
  Allow PEAPv2 : No
  Under EAPs: EAP-MSCHAPv2 Selected
  User Name: (My USer name)
  Prompt password: No
  Password : (My Password.)
  No change in ciphering
  WPA2 only modeff
  This is all I have done.
  Network is showing as known network. But If I am trying to connect to any web page its saying EAP-PEAP authentication Failed.
  Blackberry/ Samsung/ Apple works fine. This problem is only with nokia. Please reply urgently.
  Please help.

  I have also a problem to connect my E72 to my company network.
  The settings are:
  Network Authentication: WPA2
  Data Encryption: AES
  Authentication Type: Protected EAP (PEAP)
  Authentication Protocol EAP-MSCHAPV2
  HAve someone of you an idea or what I have to do that it works?
  Please help. Thank you.
  Argisch

• Updated v1 Phone--Now no WiFi if WPA/WPA2 is on--Airport Extreme

  I updated my v1 phone to 2.0 last night. I no longer get anything but Edge using my Airport Extreme at home when WPA/WPA2 is on.
  As soon as I turn security off, the WiFi symbol appears.
  Help us Apple!!

  Anyone?

• Macbook Pro Wifi Issues with WPA2 Enterprise key

  I have a MBP 13" mid 2009 model. There is usually no problems connecting to home networks. It remembers the passwords and connected seamlessly. However, I have problems connecting to networks with WPA2 Enterprise settings. I had tried it in NYU and I am trying it at my current school too. It keeps forgetting the WPA2 key from time to time and although I have tried all ways to get it to remember the key it still fails. I have used other MBP from the same time frame and they seem to be working perfectly. Even my iPod touch works perfectly with these WPA2 enterprise networks. Can anyone suggest a workaround?

  The networks do support WPA2. It works perfectly on windows 7 and other MBPs. There it doesn't keep asking the password and stores the password in keychain. But on my MBP it keeps asking me for the password from time to time
  Message was edited by: cooldip

• When to use WPA/WPA2 Enterprise

  What are the advantages of the different settings in setup on my AirPort Extreme ?

  The "Enterprise" wireless security settings are intended to be used in a commercial environment where the use of an authentication server is employed. This is not typical for home use.

• Airport Express running 7.3.1 is missing WPA/WPA2 Enterprise option

  Hello.
  I own a Airport Extreme Base station running 7.3.1 I am trying to access it using a 17inch Macbook pro and Airport Utility 5.3.1
  According to the documentation there should be a way for me to setup a Radius server, is there an advanced setting I need to enable?
  Thank you

  Hmm, it seems that there is a bullet in the kbase that mentions devices which do not support 7.4.2 firmware, may still be able to play without that as a minimum.
  G is slow, so that only compounds our problem. It could be age as well, however..... do you have an iPad or iPhone? I'd like to try to airplay from something else and see if THAT actually works.

• Creating a Configurator profile for ATV on WPA2 Enterprise?

  Alright, so I have a couple of Apple TVs (latest version) which I want to get up and running on our wireless network here at work. We have a WPA/WPA2 Enterprise network. Our access point is simply an Airport Extreme and the RADIUS server is running on OS X Server 10.6.
  I understand that I have to load the Apple TV with a profile to get it to connect to the wireless network but I can't for the life of me figure out what the correct settings are for my network. I'd ask our IT department but the problem is that I am the IT department.
  When I try to connect using the profiles I've created I get the error "There was a problem connecting to the network. Check your settings and try again. (-369033215).
  The first issue (I believe) is that I might not be choosing the right EAP types. In configurator I can choose TLS. TTLS, LEAP, PEAP, EAP-FAST, EAP-SIM, or EAP-AKA. I have no idea which one I should be choosing or how to figure out which types my network supports. Also some of them want me to enter an outer identity which again, I have no idea what to put there.
  The second issue may be the trusted certificates - I may not have the correct one(s). When I check the RADIUS server settings, it shows that I'm using a self-signed certificate that I generated quite a while ago (we don't have any actual certs, just self-signed ones - small office, not my area of expertise so I didn't want to waste company money without knowing what I was doing). So, what I did was I opened up Keychain Access, found that certificate, exported it, and imported it into Configurator. I imported it into Trusted Certificates but I didn't put anything in for Trusted Server Certificate Names - should I put anything in there?
  Any help is appreciated.

  Ok that part I put above would go in your SQL, not in the report properties - you also want to replace p.product_image with whatever your BLOB column is, and p.product_id with your employee_id column.
  The apex_util.get_blob_file_src basically does the same thing that you were doing but should be a little simpler to manage.
  http://download.oracle.com/docs/cd/E14373_01/apirefs.32/e13369/apex_util.htm#CHDICGDA
  So:
  1) Edit your sql and try using this function instead of just calling the BLOB column.
  2) Edit the column properties and put #PHOTO# as the link, and #EMPLOYEE_ID# (or whatever your primary key is called) as the Value.
  3) If that long string is still in the number/character format field, clear it out.
  4) If that still doesn't work, install the demo application that comes with Apex and look at Page 3. That is all I did.

• WPA2-Enterprise + EAP (PEAP) and 802.1x to authenticate to RADIUS server NPS

  I need to connect my iPhone and my iPad to the corporate wireless network using WPA2-Enterprise and 802.1x to authenticate against a RADIUS server with my corporate user. What is the procedure to configure the clients? Certificates is not necessary on the client. Radius server is a NPS of Microsoft and the WLC is a 5508 of Cisco.
  thanks !!!

  WPA and WPA2 are all actually interim protocols that are used until the standardization of IEEE 802.11i standard. Wi-fi appliance decided that ratification and standardization of 802.11i standards will take more time. So, they came up with WPA.
  Now, WPA2 is advanced version of WPA. WPA2 uses AES as encryption algorithm. Whereas, WPA use TKIP as encryption mode which in turn uses RC4 encryption algorithm.
  WPA and WPA2 are actually are of 2 types respectively.
  WPA/WPA2-PSK - This is mainly for small offices. This uses Pre-Shared Key for authentication.
  WPA/WPA2 -Enterprise - This uses a RADIUS Server for authentication. This is an extension to 802.1x authentication. But this uses stronger encryption scheme(WPA uses RC4 and WPA2 uses AES).
  Any authentication mechanism that involves a separation authentication server for authentication like ACS server is called 802.1x authentication.
  EAP stands for Extensible Authentication Protocol. It refers to the type or method of 802.1x Authentication by the RADIUS/Tacacs server. A RADIUS server can authenticate a wireless client with various EAP methods.
  LEAP is one type of EAP. It uses username and password for authenticating wireless clients. LEAP is cisco proprietory.
  There are also EAP types which uses other user credentials like Certificates, SIM etc for authentcation.
  The following document might clarify your doubts.
  http://www.cisco.com/en/US/tech/tk722/tk809/technologies_q_and_a_item09186a00805e8297.shtml