802.1X TLS Problem
802.1X TLS Problem
- Subject: 802.1X TLS Problem
- From: Keith Moores <email@hidden>
- Date: Thu, 18 Mar 2004 09:54:24 -0500
Hello all,
I'm working on supporting Mac OS X clients into our wireless
infrastructure and running into a problem with EAP-TLS in 10.3.3. I'm
hoping this is an appropriate venue for this question since I can't
seem to find much documentation on the Panther 802.1X client.
The main issue is that users are prompted to enter a user name and
password when using a 802.1X Configuration that is configured to only
use TLS. EAP-TLS (being certificate based) is the only one the methods
provided that does not require a username and password, authorization
can be determined by the radius server based on Common Name or Subject
Alt Name in the certificate the client uses to authenticate.
Our current workaround is to re-enter the Subject Alt Name contents of
our user certificates (which is the users email address) in the user
name field leaving the password blank. This is providing a confusing
experience for our testers use to implementations on other platforms.
Our environment is best explained here:
http://www.cisco.com/en/US/products/sw/secursw/ps2086/
products_white_paper09186a008009256b.shtml
Moving forward I'd like to be able to support WPA connections from our
Mac wireless clients however it seems I'm likely to run into similar
issues looking at the "WPA Enterprise" login dialog.
Thanks in advance,
-Keith
------------------------------------------------------------------------
Keith Moores <
mailto:email@hidden>
Network Systems
ITC-Communications and Systems Division
University of Virginia, ITC-Astronomy Building Phone (434) 924-0621
Box 400324, Charlottesville, VA 22904-4324 Fax (434) 982-4715
_______________________________________________
macnetworkprog mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/macnetworkprog
Do not post admin requests to the list. They will be ignored.