of Mac and Men

Alexander Clouter alex at digriz.org.uk
Tue Apr 7 12:07:03 CEST 2009


A.L.M.Buxey at lboro.ac.uk wrote:
> 
> taking some Steinbeck metaphor too far...
> 
> oh, how I wish Lenny were a code name for MacOSX rather than Debian... anyway,
> or lovely friend Lenny or having a few issues compared to his friend George.
> Lenny wants to have the lovely Wifi...but cant. You see, Lenny has 'issues'
> and some of these issues wont be apparent until too late.
> 
A code name because those Mac's might start to work if they were just 
formatted with Debian slapped on there you mean?

> anyway, a few choice quotes from some google searches and I am none the wiser.
> I know this
> 
> Mac OSX seems to have some issues with Cisco Wireless kit in the LWAPP mode.
> Mac OSX seems to have some driver issues....especially since the same kit
> (Macbook Pro) running Vista has no wireless problems. hmm.
> 
In my experience, the Mac OS X weenies only complain when some Layer 2 
thing makes the wireless card driver upset; you see the same thing with 
Symbian phones and the Cisco WLC controllers.  I have gotten bored of 
reporting bugs to Cisco, unless you have an 'enterprise' client (any NIC 
with 'Intel' in the name that seems to mean) they are simply not 
interested.

Issues I have found:
 1) some Mac's really sulk if there is a combination of 802.11a and 
	802.11b/g AP's broadcasting the same SSID (it might just be 
	802.11a only)
 2) if you set MFP protection to anything other than 'Optional' then a 
	particular group of Mac's will grumble
 3) if you do not have 'Infrastructure MFP Protection' enabled, another 
	particular group of Mac's sulk
 4) if the 'WMM Policy' is set to anything other than 'Allowed' then you 
	get another group of Mac's grumbling
 5) I am pretty sure they grumble if you have AES enabled for WPA(1) 
	Enterprise too; I'm not 100% convinced on this, it might be in 
	part linked to WPA Enterprise and WPA2 Enterprise being enabled 
	on the same SSID.

Of course there is also the buggy cack if you do persuade a Mac to 
connect where you need to force the DHCP client ID to something (I use 
'cheese' and pretend to the users that it's the only ID we have found 
that works...); otherwise the Mac disagrees with your DHCP server and 
decides it does not like the colour of *that* particular IP and wants 
another instead.

I'm not really surprised by all this cruft, after four months awaiting 
for a reply from Apple on an endian bug in a DHCP packet they spit out, 
I have not heard anything back.  Christ, that's just a htonl() fix too 
:(

"This Network Monkey recommends liberal use of 'fire' to solve your 
problems".  The list above I have worked out through trial and error 
over two years and found now the combination I'm now using means my 
exposure to Mac users is minimised...so that's my motivation.

> "Improved compatibility with some EAP-TTLS clients that previously would have
> required EAPTTLS_NoAckRequired. Reported by Ian Forster."
> 
> coupled with 
> 
>        #This is added for Apple Macintosh Airport Extreme adapters
>        EAPTTLS_NoAckRequired
> 
> suggests that something more is afoot.
>
This sounds vaguely more like session resumption stuff, but that's me 
guessing and pulling ideas out of my....
 
Cheers

-- 
Alexander Clouter
.sigmonster says: A penny saved is a penny to squander.
                  		-- Ambrose Bierce




More information about the Freeradius-Users mailing list