tlmurray
join:2003-03-22
Roswell, GA
 ·AT&T DSL Service
| Obtaining settings from XP to move to Macintosh
I have a corporate WinXP laptop with wireless. The bottom line is extract the necessary settings, certficate(s), etc., and replicate them on my Mac -- corporate won't support Macs. The Security forum may be the wrong place to start, so if there is a better one, let me know.
They use IBM Access Connections to manage their WLAN. The SSID field in the manager is blank, but I know the name. On the Mac if I try to log in to that SSID I am presented with a password challenge; it's my understanding that they use certificates to provide the log-in for Windows.
The first challenge, I suppose, is to find the certificate. The certificate store is chock full -- anyone know how to find the right one? |
|
docrice
join:2008-03-31
Fremont, CA
| Getting the right cert(s) is one thing, but you also need to know the exact 802.1X method being used here. If it's just a server-side certificate involved, then it's probably EAP-TTLS (MS-CHAPv2 as the inner-method or PAP?) or PEAP as those tend to be pretty common. On the other hand, you seem to infer that XP machines don't require a password while Macs do. That implies EAP-TLS as the default method, while EAP-TTLS or PEAP using a client password can also be negotiated.
In any case, OS X's 802.1X support seems to support all the common flavors. I haven't played with IBM / Lenovo ThinkVantage Access Connections in a while, but I suspect that the certificate(s) exist in Window's certificate manager store (Start -> Run -> certmgr.msc). There should a client certificate in the Personal Store (if they use user certs) and the server cert is most likely in the Trusted Root Certification Authorities store as these are commonly pushed out through Group Policy for all Active Directory members.. Look for a common name that ends with the domain suffix of your corporate network (corp.mycompany.com). |
|
