Skip to Content.
Sympa Menu

cat-users - Re: [cat-users] [Alunos] Atualizacao para o sistema iOS 9 - problemas com a Eduroam

cat-users AT lists.geant.org

Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)

List archive

Re: [cat-users] [Alunos] Atualizacao para o sistema iOS 9 - problemas com a Eduroam


Chronological Thread 
  • From: Stefan Winter <stefan.winter AT restena.lu>
  • To: Clement Ogedengbe <c.ogedengbe AT worc.ac.uk>, "A.L.M.Buxey AT lboro.ac.uk" <A.L.M.Buxey AT lboro.ac.uk>, Péter Lipták <liptak AT office365.ulisboa.pt>
  • Cc: "cat-users AT geant.net" <cat-users AT geant.net>
  • Subject: Re: [cat-users] [Alunos] Atualizacao para o sistema iOS 9 - problemas com a Eduroam
  • Date: Thu, 22 Oct 2015 11:19:11 +0200
  • List-archive: <https://mail.geant.net/mailman/private/cat-users/>
  • List-id: "The mailing list for users of the eduroam Configuration Assistant Tool \(CAT\)" <cat-users.geant.net>
  • Openpgp: id=AD3091F3AB24E05F4F722C03C0DE6A358A39DC66; url=http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66

Hello,

> We have a report of Apple devices having problems connecting to our Eduroam
> network. I saw this thread about iOS 9 devices and RADIUS certificates.
>
> Can you please advise how we can verify our DH key size. Our realm is
> WORC.AC.UK. Can you also please help check our server cert for any issue.

The CAT web interface already provides for a certificate check ("Check
realm reachability"). Please first fix issues reported there and let us
know if you still have problems.

Lately I resolved a case where the iOS problems were due to a change
from TTLS-MSCHAPv2 to TTLS-EAP-MSCHAPv2 - the (FreeRADIUS) server was
misconfigured in its inner-tunnel eap module (default_eap_type = md5;
but MD5 was rightfully disabled). This is also one thing to check.

If the issue is really the DH parameter (that's a condition we cannot
diagnose right now from the CAT side), you should contact JISC to help you.

Greetings,

Stefan Winter

>
> Best Regards
>
> Clement
>
> -----Original Message-----
> From:
> A.L.M.Buxey AT lboro.ac.uk
>
> [mailto:A.L.M.Buxey AT lboro.ac.uk]
>
> Sent: 05 October 2015 11:35
> To: Péter Lipták
> Cc:
> cat-users AT geant.net;
>
> suporte AT eduroam.fccn.pt;
> Helpdesk; Tiago Picado
> Subject: Re: [cat-users] [Alunos] Atualizacao para o sistema iOS 9 -
> problemas com a Eduroam
>
> Hi,
>
>> At ISA, Universidade de Lisboa, Portugal after a month, still no one can
>> use the eduroam Wi-Fi with iOS 9, which is very important for the
>> undergoing studies we are participating.
>
> not an issue with iOS, its an issue with the sites RADIUS certificate if
> its not working.... or with their DH key size if they havent updated that
> on their server. whats your realm? (we can check the RADIUS server cert
> that your organisation is currently using to spot issues they need to fix)
>
> info/advice did go out to the eduroam admin community regarding client
> requirements.
>
> certificate requirements are here:
> https://wiki.geant.org/display/H2eduroam/EAP+Server+Certificate+considerations
>
>
> IOS9 devices working fine at other sites that have fixed their RADIUS
> server config and certificates
>
>
> alan
>
>


--
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et
de la Recherche
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg

Tel: +352 424409 1
Fax: +352 422473

PGP key updated to 4096 Bit RSA - I will encrypt all mails if the
recipient's key is known to me

http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66

Attachment: 0x8A39DC66.asc
Description: application/pgp-keys

Attachment: signature.asc
Description: OpenPGP digital signature




Archive powered by MHonArc 2.6.19.

Top of Page