Feed on
Posts
Comments

Throwing another tidbit of recently found knowledge out here. Along the way with playing different certs on my EAP-TLS I wound up removing the 802.1x password entry from the OS X Keychain (at the time thinking it would help my problem). What I discovered after that, even after reverting my RADIUS server config, I couldn’t connect back to my test SSID. OS X just threw a “unable to join network” message immediately and gave up. I couldn’t figure out why I couldn’t connect back, what would be keeping state about this network.

802.1x entry

The TL;DR is I went into System Preferences > Network > Wi-Fi and told it to forget about my test SSID. After this I was prompted for the username/password on my network when I retried it.

(Actually I’m not even sure how I got in this situation. I just deleted this again and I was able to rejoin the network?)

Along the way I found out the Wireless Diagnostic tool on OS X is actually nice and useful, you wouldn’t think it from the surface. It collects a ton of logs and even packet captures to review. From what I gathered from the internets I needed to look for “eapolclient” logging. In this case eapolclient was reporting “Acquired: cannot prompt for missing user name”. I didn’t get many leads hunting for this message. It wasn’t until I thought about the forgetting thing that fixed my problem.

eapolclient “cannot prompt for missing user name”

Yay, fixed.

Fixed!

Leave a Reply