Synology usage series 32 – Setup Wifi WPA2 Enterprise with Freeradius+Openldap/Client Certificate

MacBook Pro Wifi Setting for OSX 10.9.2. (Apr 16 2014)

  1. Copy client.p12, server.p12, ca.crt to the MacBook Pro.
  2. Open Finder, double click the p12 file to import to the keychain.
    Import server into MacBook Keychain

    Import server into MacBook Keychain

    For the Keychain list box, select login. Click Add button.

    Input the output password defined in the client.cnf file and server.cnf file respectively.

  3. Download Apple Configurator from Mac store.
  4. Launch Apple Configurator, click the Supervise icon.
  5. Click All Devices in the left pane. Click the + icon under profiles. Select Create New Profile… from the popup menu.

    Apple Configuration - Supervise - Adding new profile

    Apple Configuration – Supervise – Adding new profile

  6. In General tab, input at least Name of the profile.

    Profile - General Screen

    Profile – General Screen

  7. Click Certificates in the left pane, click Configure button.
    Profile - Certificates

    Profile – Certificates

    Select the client.p12 and then input the output password again. Repeat the step and select the server.p12 and ca.pem.

  8. Click Wi-Fi icon in the left pane, then click the Configure button.
  9. Input the SSID into the Service Set Identifier textbox.
    Create MacBook Wifi Profile

    Create MacBook Wifi Profile

    Click the Hidden Network checkbox if the Wi-Fi network did not broadcast its SSID.

    Click Auto Join.

    For Security Type, select WPA/WPA2 Enterprise.

    For Protocols tab, click PEAP checkbox.

    Enterprise Settings – Protocols

    Input the LDAP username and password.

    For Identity Certificates, select the client.p12.

    For the Trust tab, click the checkbox of server.p12 in the Trusted Certificates section.

    Enterprise Settings - Trust

    Enterprise Settings – Trust

    For Trusted Server Certificate Names, click the + icon, then input the common name of the server.p12.

    The common name can be found in server.cnf file.

  10. Click Save button.
  11. Now highlight the newly created profile, then click the Export profile icon.
  12. Input the filename of the exported profile. Click Save button.
  13. Open Finder, double click the exported profile, follow the wizard to import the profile.
    Import Wi-Fi profile

    Import Wi-Fi profile

    Confirmation to import Wi-Fi profile

    Confirmation to import Wi-Fi profile

    Input login password to confirm

    Input login password to confirm

  14. The profile should be added as below

    Mac Wi-Fi Profile

    Mac Wi-Fi Profile

  15. Open System Preferences…, click Network.

    System Preferences - Network

    System Preferences – Network

  16. Click the Lock Icon in the left bottom, input your login password to unlock the setting.
  17. Click Wifi Icon in the left pane, select your Network SSID in Network Name. Click Advanced… button.
  18. Click the 802.1X tab, the WIFI profile should be shown.

    WiFi - 802.1X

    WiFi – 802.1X

Futher reading

7 Things Wi-Fi Hackers Hope You Don’t Know

Leave a Reply

Your email address will not be published. Required fields are marked *