macOS 802.1X¶

Many network cables are connected to the so-called docking network of ETH, which can dynamically assign the correct VLAN to computers. By default a computer can only access a very limited number of internet ressources. Unlimited access is provided if you either authenticate with your ETH account or let ISG D-PHYS register the MAC address of your computer.

Disable automatic connection¶

Although registered computers should automatically be connected to the D-PHYS network, many macOS clients continue to prompt the user with an authentication dialog.

Follow these steps to get rid of this dialog

Open the Network tab in System Prefences
Select your wired network interface in the list on the left
Click the Details button
Select the 802.1X Tab
Uncheck Enable automatic connection

Command for power users¶

Instead of following the above steps, you may enter the following command in a terminal to disable the automatic connection for your user:

defaults -currentHost write com.apple.network.eapolcontrol EthernetAutoConnect -bool FALSE

or, alternatively, provided you have admin rights, disable it for all local users:

for user in $(/bin/ls /Users/ | egrep -v '^(\..*|Shared)$')
do
    sudo -- su - $user -c 'defaults -currentHost write com.apple.network.eapolcontrol EthernetAutoConnect -bool FALSE'
done

IT Services Group

HPT H 6 – H 9

Contact

ETH Zurich

Physics Department

IT Services Group

HPT H 6 – H 9

Auguste-Piccard-Hof 1

8093 Zürich

Switzerland