Posted on 12-08-2014 09:48 PM
Is there a practical way to implement EAP-TLS for 802.1x wifi authentication on iOS? I'd really like to be using something better than PSK. Or do I really just need a NAC of some kind?
I didn't like PEAP becuase I dont want students to be able to connect their personal devices by simply using their AD credentials. We're a Windows shop so I would be using Microsoft Active Directory Certificate Services and NPS.
We just purchased Casper and I'm looking forward to iOS life getting easier.
Posted on 01-03-2015 01:34 PM
yes you can! In your Configuration Profiles for Wi-Fi, you want the "WPA / WPA2 Enterprise" and select your authentication method (TLS, LEAP, EAP-Fast, etc).
The issue is you need the devices to get "online" somehow so they can talk to your JSS to then get your Configuration Profile. It may help having an open network that only allows to access your JSS OR have a short term "enroll" SSID that is open.