802.1x Wireless disconnecting in Mountain Lion

NowAllTheTime
Contributor III

We are still testing Mountain Lion before allowing installation across our environment and wireless config continues to give us trouble.

We have WPA2 Enterprise security, and we use 802.1x network authentication via TLS (certificate based authentication), the certificate payload includes a wireless certificate and then root and corp certs in the trust. The profile is scoped at the system level for clients running 10.8+

The Config profile pushes out to Mountain Lion clients and they are able to connect to the network but they inevitably end up jumping on and off of the network, often when the screen is locked, which renders network users (Active Directory) unable to log back into their profile until they plug in to the network.

Anyone else experiencing this? If you are any ideas for a fix? I can barely maintain a wi-fi connection for more than a few minutes. Our Lion clients continue to work just fine with the same network and certificate payloads.

1 ACCEPTED SOLUTION

NowAllTheTime
Contributor III

Fixed with 10.9.2 update

View solution in original post

5 REPLIES 5

nkalister
Valued Contributor

I'm using 802.1x wifi with TLS certs configured via mobileconfig profiles as well, but I'm not seeing any problems staying connected in my environment. I did have to create a new profile for 10.8 clients using a 10.8 server's profile manager. Have you re-created the configuration profiles used for this with a 10.8 server?

Disconnecting wifi when the machine goes to sleep is normal, though, and I don't have any problems authentication before the connection is re-established.
Are you creating mobile accounts for your AD users? I'm doing that by default- if you aren't, that may be why you're having trouble authenticating without the network connection up.

NowAllTheTime
Contributor III

Yeah, they are mobile accounts by default.

I didn't use profile manager to create the profile, just the built in tool in the JSS (v8.61).

I'll try importing a profile from a 10.8 server and see if it acts any differently.

nkalister
Valued Contributor

could just be a configuration problem on the WAps that Lion didn't have an issue with. the 802.1x code in 10.8.x is very different from all versions of lion except 10.7.5- that version shares the EAP client code base with 10.8. 10.7.4 behaved for me much like what you're describing- it was completely unuseable, but 10.8 and 10.7.5 have had no issues for me.

I'd also definitely suggest opening a support case with applecare on this if you have a support contract.

NowAllTheTime
Contributor III

Fixed with 10.9.2 update

alexjdale
Valued Contributor III

Yes, we had this issue with Mountain Lion and worked a case with Apple for a couple months. As soon as Mavericks came out they were able to reveal that the issue was known and addressed in 10.9. The connection would drop and reconnect exactly at the one-minute mark, usually several times, when coming out of wake.

It was an issue with TLS cert-based authentication.