Publishing an EAP-TLS WPA2 Enterprise Setup Guide on the Wiki(Jasvinder S. Bahra)

Stefan Winter stefan.winter at
Sun May 17 10:39:37 CEST 2015


> I've (finally!) gotten around to trying to get the apple devices onto
> the wifi network.
> I've looked at the websites you mentioned, but i''m a reluctant to
> create an account and download software to generate an XML text file.

You seem to be a bit confused here ... doesn't require
you to set up an account - you can re-use your Google Account if you
have one.

You also don't need to download any software to craft the XML file
(wondering how you got that impression?). You need to *up*load the
essential parts of your config - the root CA, specify the server name of
the server certificate, and tell the system which EAP types you want in
your XML.

That's all. You get the XML file then.


I'm really very sure it takes much more time and effort to take an
existing XML file from someone else and re-engineer it suit your needs.

Anyway... if you want an example: there are thousands. Take any one you
like from or They are openly
accessible because they do not contain anything remotely sensitive!
That's their whole point ... public configuration information for all
users of the EAP deployment.


Stefan Winter
> If its not too much trouble, could I ask you to send me an example
> configuration file - after, of course stripping out anything even
> remotely sensitive.  I could then use that as a template and insert my
> certificate information in between the appropriate xml tags.
> If thats not easy to achieve, then please do not go to any trouble.  I
> appreciate your response below and i'm sure i'll eventually figure
> something out.
> Thanks and regards,
> Jasvinder
> ----- Original Message ----- From: Rui Ribeiro
> To: FreeRadius users mailing list
> Sent: Saturday, January 03, 2015 9:19 PM
> Subject: Re: Publishing an EAP-TLS WPA2 Enterprise Setup Guide on the
> Wiki(Jasvinder S. Bahra)
> Hi Jasvinder,
> iPhone configurator has been indeed deprecated some while ago. It sort
> half worked in iOS 7, and it  finally stopped being useful in iOS 8.
> At the moment, only XCode is useful for that. Apple configurator is
> used in a corporate setting, however last time I checked, it was only
> supported in a handful of countries, and not here in Portugal. Someone
> more used to it can comment.
> As for the profiles, we are generating them with,
> because we are a university. However you also have available the
> service for free at for a corporate setting.
> Nevertheless, the profiles are essentially text files. So after
> generating the first, you can keep it. I also believe you can download
> client certificates never tried it. You just have to be aware that to
> download profiles or certificates you have to use the native Safari
> and not other browser.
> I also wrote a tutorial to the Portuguese federation on implementing
> FR 2+EAP-TTLS+AD, that I will have to update to FR 3 and make a little
> more presentable to distribute it widely.
> Feel free to contact me if you need more ideas about the Apple profiles.
> Regards,
> Rui Ribeiro
> -- 
> Rui Ribeiro
> Senior Sysadm
> Message: 2
> Date: Sat, 3 Jan 2015 10:30:37 -0000
> From: "Jasvinder S. Bahra" <bbdl21548 at>
> To: "FreeRadius users mailing list"
>        <freeradius-users at>
> Subject: Re: Publishing an EAP-TLS WPA2 Enterprise Setup Guide on the
>        Wiki
> Message-ID: <1C37CF3272EE4702B874E462A92A49A6 at atlantis>
> Content-Type: text/plain; format=flowed; charset="iso-8859-1";
>        reply-type=original
> Everyone,
> It looks like I posted too soon.
> My guide describes how to configure windows and android clients to
> connect
> to a WPA2 Enterprise wifi network.
> I had done some research into getting apple devices onto it, and I
> believed
> I had all the information necessary to get ipad's, iphone's and ipod's
> etc
> onto the network.  However, when I sat down to actually do so, I hit
> something of a brick wall.
> I believed all I needed to do was download a PC application from the
> apple
> website called the iPhone Configuration Utility (or iPCU), and use it to
> create a profile which configured the relevant devices wifi connection
> settings.
> It seems however, that the software has been deprecated - it hasn't been
> updated in years.  I can find no reference to it on the apple
> website.  It
> seems to have been replaced by an application named Configurator -
> which is
> only available for mac's.
> Does anyone know of a way to configure ipad's, iphone's and ipod's wifi
> settings, without tools such as iPCU or Configurator?
> Regards,
> Jazz
> -
> List info/subscribe/unsubscribe? See

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the Freeradius-Users mailing list