802.1X Computer Based Authentication

pblake
Contributor III

Would love to hear some success stories.

17 REPLIES

cbrewer
Valued Contributor II

Using it on roughly 4000 Macs running 10.7 and up. The only big issue we've had was with 10.8.x. There was a known problem where Wi-Fi would disconnect after 60 seconds and Apple made us wait till 10.9 for a fix.

alexjdale
Valued Contributor III

We use 802.1x for Wifi and Ethernet, computer-based authentication (so the network is active before the user logs in). We use computer certificates for Wifi and the computer's Active Directory credentials for Ethernet. It works fairly well, minus some Apple bugginess.

millersc
Valued Contributor

Ditto @alexjdale comments here. Almost 10K devices this way.

chuyendv
New Contributor

We are using it on about 100 Macs with Cisco devices. It works on Mavericks but does not on Yosemite.

bentoms
Release Candidate Programs Tester

@chuyendv, I've just started looking at issues with 802.1x & Yosemite on our Wireless.

Have you any findings?

@alexjdale & @millersc Do you have working Yosemite clients?

millersc
Valued Contributor

@bentoms I just tried a 10.10.1 image. It is not working. Yosemite is not in our timeline in the near future, so we are ok but will be following this.

cbrewer
Valued Contributor II

@millersc You might check the following thread. We (and others) had an issue where our existing 802.1x profile didn't work with Yosemite.

https://jamfnation.jamfsoftware.com/discussion.html?id=12287

stevehahn
Contributor

Is there a guide posted somewhere for getting this set up?

ckgov
New Contributor II

+1 for what stevehahn asked. Is there a guide for setting this up?

I have 802.1X working after login with a certificate and the user's AD user/pass. It is basically useless since binding the Mac to AD there is no network at the login window. Everything is wireless and no ethernet.

mostlikelee
Contributor

Currently using SCEP/Network/Certificate config profiles to install root and machine certs for auth and auto-connect to Wifi. If you have a MS CA server, fire up SCEP and configure the default template. There's a couple blog posts out there that help out quite a bit. Make sure you include the entire cert chain in the Certificate config profile and trust them in the Network config profile.
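An added example, not part of the post above or of any poster's setup: a small Python check that an unsigned .mobileconfig follows the advice to include the whole certificate chain and trust it in the Wi-Fi payload. The payload keys are Apple's documented configuration profile keys; the sample profile, its UUIDs and the SSID are constructed for illustration.

```python
import plistlib

# Payload types that can carry a CA certificate, and the SCEP identity payload.
CERT_TYPES = {"com.apple.security.root", "com.apple.security.pkcs1", "com.apple.security.pem"}
SCEP_TYPE = "com.apple.security.scep"
EAP_TLS = 13  # EAP method number for EAP-TLS

def lint_profile(profile_bytes):
    """Return a list of problems found in the Wi-Fi payloads of a profile."""
    payloads = plistlib.loads(profile_bytes).get("PayloadContent", [])
    by_uuid = {p.get("PayloadUUID"): p.get("PayloadType") for p in payloads}
    certs = [u for u, t in by_uuid.items() if t in CERT_TYPES]
    problems = []
    for p in payloads:
        if p.get("PayloadType") != "com.apple.wifi.managed":
            continue
        ssid = p.get("SSID_STR", "?")
        eap = p.get("EAPClientConfiguration", {})
        if EAP_TLS not in eap.get("AcceptEAPTypes", []):
            problems.append(f"{ssid}: EAP-TLS (13) not in AcceptEAPTypes")
        anchors = eap.get("PayloadCertificateAnchorUUID", [])
        if not anchors:
            problems.append(f"{ssid}: no trusted certificates listed")
        for uuid in anchors:  # every anchor must resolve to a cert in this profile
            if by_uuid.get(uuid) not in CERT_TYPES:
                problems.append(f"{ssid}: anchor {uuid} is not a certificate payload")
        for uuid in certs:    # every chain cert in the profile should be trusted
            if uuid not in anchors:
                problems.append(f"{ssid}: certificate {uuid} is not trusted")
        if by_uuid.get(p.get("PayloadCertificateUUID")) != SCEP_TYPE:
            problems.append(f"{ssid}: identity does not reference a SCEP payload")
    return problems

def sample_profile(anchors):
    """Constructed sample: root + issuing CA, SCEP identity, one Wi-Fi payload."""
    return plistlib.dumps({"PayloadType": "Configuration", "PayloadContent": [
        {"PayloadType": "com.apple.security.root", "PayloadUUID": "ROOT-CA"},
        {"PayloadType": "com.apple.security.pkcs1", "PayloadUUID": "ISSUING-CA"},
        {"PayloadType": SCEP_TYPE, "PayloadUUID": "SCEP-ID"},
        {"PayloadType": "com.apple.wifi.managed", "PayloadUUID": "WIFI",
         "SSID_STR": "ExampleCorp", "PayloadCertificateUUID": "SCEP-ID",
         "EAPClientConfiguration": {"AcceptEAPTypes": [EAP_TLS],
                                    "PayloadCertificateAnchorUUID": anchors}}]})

if __name__ == "__main__":
    for anchors in (["ROOT-CA", "ISSUING-CA"], ["ROOT-CA"]):
        print(anchors, "->", lint_profile(sample_profile(anchors)) or "OK")
```

A profile exported from an MDM is usually CMS-signed, so strip the signature before feeding it to a check like this.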

stevehahn
Contributor

Thanks @timkalee, can you link to any of those blog posts?

mostlikelee
Contributor

@stevehahn here's a good one:

http://networklessons.com/wireless/eap-tls-with-server-2008-scep-for-apple-devices/

stevehahn
Contributor

Thanks everyone! I've got a working configuration profile that uses EAP-TLS and testing is going well so far.

bentoms
Release Candidate Programs Tester

@stevehahn I too had to change my profile from PEAP to EAP-TLS with MSCHAPv2 inner identity.

I'm not sure if YoYo is being finicky, or we have issues with our wireless setup (both are possible).

Either way, it's working.

blackwoodT
New Contributor

I have been reading this thread with interest as I am also experiencing issues with 802.1X profiles. Is it possible for someone to post a screenshot of the particular settings you are using so I can compare against what I am doing and see if I can solve the problem? We had no problems with the profile I am using with 10.9.

Thanks,

Will

bentoms
Release Candidate Programs Tester

@lelongw, I hope this helps.

Working 10.7 - 10.9:
external image link

Working 10.10:
external image link

bigdaddybesbris
New Contributor

@bentoms @lelongw

Your screenshots are from Casper? I'm currently struggling with something similar, see: https://jamfnation.jamfsoftware.com/discussion.html?id=13423

Don't mean to thread hijack.

Thanks,

E