Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
409
Views
0
Helpful
2
Replies

OSX Dot1X Authentication as machine

Petrus van de Sande
Level 1
Level 1

‎11-19-2014 09:17 AM - edited ‎03-10-2019 10:11 PM

We've configured Dot1X authentication on both wired and wireless networks, using PEAP as the outer method and host/user authentication on the inside.

All Windows clients work perfectly but the Apple OSX devices are having issues as they only authenticate as a user, once the user has been authenticated on the computer.

I've created a profile in iPhone Configuration Utility and set it to use %AD_ComputerID% as username and installed this profile as root, so in the system settings. However, the MacBook still only uses the actual user name... This happens both wired and on wireless.

Authentication is done on ISE 1.2.1 patch level 3 against MS Windows 2012 AD. The access switches are 3650's on IOS XE 3.3.5.

Any help to get MacBook to talk Dot1X as a machine would be greatly appreciated!

Labels:
0 Helpful
2 Replies 2

Saurav Lodh
Level 7
Level 7

‎11-19-2014 03:47 PM

Sounds similar a bit https://discussions.apple.com/thread/4990427
Can you see the authentication logs from ISE operations , and see the machine auth details?

0 Helpful

Petrus van de Sande
Level 1
Level 1
In response to Saurav Lodh

‎11-20-2014 05:01 AM

Thanks for that pointer. I don't think it's the same thing but I've got some new clues as to how to troubleshoot the issue.

I can't see the authentication in ISE because the MacBook simply doesn't attempt to log on without an active user session.
 

0 Helpful
Customers Also Viewed These Support Documents