Monday, August 22, 2016

802.1x WiFi Profile for the AppleTV (3rd Generation)

Finally figured out the profile requirements to get an AppleTV (3rd gen) working with 802.1x wireless authentication. We employ an Aruba ClearPass (which does the authentication checking to Windows Active Directory). We did this as of 15 Aug 2016.

Requirements: 
  • Apple computer with Apple Configurator 2 installed (we used v2.2.1 (3C72))
  • Apple TV (3rd gen)
  • USB cable (normal-end to micro-end)
 Steps
  • Plug the micro-usb into the AppleTV and open the Apple Configurator 2 application on the Apple computer
  • Create a new profile and use the screenshots in the PDF below
  • Push the profile to the AppleTV
  • Test
Notes:
  • Observe we had to use "MSCHAPv2" after choosing  "TTLS" on the WiFi profile
  • Observe you probably only need your Root CA and Intermediate CA certificate (in our case DigiCert)
    • As a precaution, I included our local AD root CA and our ClearPass certificate
  • Many forums I read stated you need your Root CA *and* your Intermediate CA (to complete the trust chain)
References:
Apple 802.1x White Paper:
http://training.apple.com/pdf/WP_8021X_Authentication.pdf

Apple Configurator 2:
https://itunes.apple.com/us/app/apple-configurator-2/id1037126344?mt=12

Identify your Apple TV model:
https://support.apple.com/en-us/HT200008 


PDF of profile screenshots here:
https://drive.google.com/file/d/0B5ttjkGSReNeVEZqb1BheVczQ3c/view?usp=sharing


Posted by at No comments:
Subscribe to: Posts (Atom)