Connect to the RIT Wi-Fi Protected Access network with Mac OS X
RIT’s Wi-Fi Protected Access (WPA) wireless network requires that you authenticate, or log in, to connect; it is not an open network. It provides a level of additional security through encryption — especially to allow you to safely login with your RIT computer account username and password — of your wireless network transmissions.
However, the encryption for subsequent network traffic should not be considered the primary feature of the WPA network. The primary feature of WPA is to prevent unauthorized use of RIT resources, through authentication, so that the people who need to use the network do so with a high quality of service and safety. You should still be cautious about transmitting personally-identifiable or RIT confidential information to Web sites and other systems that do not offer their own encryption, such as afforded by Secure Sockets Layer (SSL) or Transport Layer Security (TLS) or other means. Both SSL and TLS, for example, are traditionally indicated as a lock icon in a Web browser window. If you currently use VPN to access campus resources when on the wireless network, please continue to do so with WPA.
As of this writing, the RIT WPA network carries a different network name — “ritwpa” instead of “rit” — to distinguish it from the conventional RIT wireless network. The network name is also known as an SSID.
Other than the login requirement and the addition of encryption, all other settings and specifications for the WPA network remain the same. You must still register your computer for the overall wireless network (although you only need to register it once to gain access to both the “rit” and “ritwpa” networks). The WPA network is available on all of RIT’s campus wireless access points in academic buildings and common areas — anywhere the “rit” network name is also broadcast.
Only access points administrated by ITS should offer these network names on the RIT campus for security reasons. If you believe that you have identified a unofficial access point broadcasting these network names inappropriately, or you have questions if an area has coverage provided officially by ITS, please contact us.
At this time, RIT does not support the WPA2 standard, only WPA.
Connect to the RIT WPA network
The following instructions detail how to connect to RIT’s Wi-Fi Protected Access (WPA) network. The WPA network requires that you log in for access, and provides some level of encryption to protect your network traffic.
Some notes:
- The instructions below are designed for Mac OS X Tiger, but should be similar for other versions of Mac OS X, as well.
- The WPA network requires a valid RIT computer account for login purposes.
- The AirPort wireless adapter in your Mac must be registered on the RIT network either before or immediately following this process. Please register it at http://start.rit.edu.
- You should not need to have an administrator-level account in Mac OS X to proceed. The WPA settings for RIT’s wireless network are currently defined at the user level in Mac OS X.
To connect to the RIT WPA network with Mac OS X:
- Open the Internet Connect application.
- Click on the “AirPort” icon in the Internet Connect window’s toolbar.
- Select the “Network” pop-up menu, and choose “Other.” Do not choose “Other” or any network name under the “Computer-to-Computer Networks” heading if it appears; instead, choose the first of the two “Other” options if there are two.) A sheet with the “Network Name” field slides down.
- Enter “ritwpa” in the “Network Name” field. This is the current network name, or SSID, of the RIT WPA network.
- Set the “Wireless Security” pop-up menu to “WPA Enterprise.” Do not choose “WPA2 Enterprise,” as that standard is not supported on RIT access points at this time. The dialog sheet will change, adding several new fields.
- Enter your RIT account username in the “User Name” field.
- Type your RIT account password in the “Password” field.
- Leave the “802.1X Configuration” set to “Automatic.”
- Click the “OK” button to connect to the RIT network.
You will return to the main Internet Connect window, which will display your connection status.
- Respond to the “Verify Certificate” dialog, if it appears, by clicking the “Continue” button.
You may also choose to “Show Certificate” to examine the “radius.rit.edu” certificate’s details.
You will return to the main Internet Connect window once you have clicked the “Continue” button. - Respond to the “Verify Certificate” dialog, if it appears a second time, by clicking the “Continue” button.
When you have successfully authenticated with the RIT WPA network, the status message in the main Internet Connect window will indicate that you are connected. You will also see the “ritwpa” network name listed, with a checkmark next to the name, in the AirPort menu in your menu bar at the top of the screen.
If you have not registered your AirPort wireless card, you should open a Web browser and do so at the http://start.rit.edu Web site.
Reconnect to the RIT WPA network
Once you have connected, the “ritwpa” network name, or SSID, can appear in your AirPort menu in the menu bar at the top of the screen. You can reconnect to the “ritwpa” network if it appears there.
Otherwise, if you do not see “ritwpa” listed in the AirPort menu, repeat the steps above to reconnect. If you have connected once, you should not have to verify the certificates for the WPA network.
Certificates
The certificates you accept are stored in your login keychain, which you can view through the "Keychain Access application" (found under the Applications folder, within the Utilities folder, on Mac OS X computers). The keychain stores passwords, notes, and security certificates for you. The RIT WPA network certificates will be listed under the “All Items” and “Certificates” categories of your keychain.
If you remove these certificates from your personal keychain, you will need to re-accept them the next time you connect to the RIT WPA network.