There was one sentence in the T-Mobile security policy that suggested that a secure connection was possible without Connection Manager. So I called tech support and they were astonishingly helpful. The tech walked me through an Internet Connect setup which resulted in me connecting securely via TTLS. The basics of the process are: Open Internet Connect and add a new 802.1x configuration. I also had to click the Configure button for TTLS and enter PAP as the 'TTLS INNER Authentication.' The other authentication methods are left as default. After setting everything up, the end result looked like this. The process is a bit complex, so you might want to call them if you're unsure of anything in that screenshot.

