We’ve recently embarked on a project to secure our wireless network. Before, we had a really simple run-of-the-mill setup using HP ProCurve 420 wireless access points. We had one SSID which would broadcast and we used a simple WEP encryption key. We decided that this wasn’t the best solution (especially since the network key was being handed out freely).
So, I started a project to set up two SSIDs. One SSID would broadcast, be a public network, and utilize a simple WEP key (too prevent just anybody from pulling up and gaining immediate Internet access). It would be set up to use VLAN tagging and all “public” traffic would only be allowed to access the Internet. The second SSID would be a private network that would not broadcast and utilize WPA encryption.
We had a LOT of trouble with WPA encryption on the ProCurve 420′s. Basically, over time, the AP’s would fail and connections would drop. It’s a problem HP is aware of and they’re supposed to release a fix someday. However, I found that setting the access points to WPA only and AES only encryption only worked (or WPA and TKIP, but AES is the ‘better’ encryption scheme).
All is fine and dandy, except for a few MacBooks. For whatever reason, they refuse to retain the wireless network settings! You reboot or put the laptop to sleep and it won’t re-connect to the network.
I’ve found that this problem is related to two things, 10.5.7 and/or the Keychain. On some MacBooks that wouldn’t retain the wireless network settings, upgrading to 10.5.8 fixed the problem. However, on others, it wasn’t this simple. I found that on some MacBooks the ‘login’ keychain had become corrupt for the user I was logged in as. For whatever reason, deleting the login keychain, any additional entries related to the SSID we want to associate with, deleting the network from the AirPort’s ‘Preferred Networks’ list, rebooting, and then re-joining the network seemed to fix it.
Though, I’m not sure if it’s a fluke. On all the machines I’ve had this problem with, I’ve prodded the ‘Preferred Networks’ list as well as every Keychain until the machine would re-connect to the correct wireless network automatically.
