Eduroam configuration in /Linux/BSD: wpa supplicant: Difference between revisions
No edit summary |
No edit summary |
||
Line 1: | Line 1: | ||
[[image:eduroam_logo.gif]] | [[image:eduroam_logo.gif]] | ||
'''For setup in newer versions of Linux and client run Linux please see: [[Eduroam for Linux]]''' | |||
Revision as of 09:54, 14 November 2014
For setup in newer versions of Linux and client run Linux please see: Eduroam for Linux
It is important that you have in place the latest version of firmware and driver for your wireless card and that your firmware supports TKIP encryption or better. Some drivers also has a problem with connecting to access points that does not broadcast it's SSID. Be sure to apply any available patches.
wpa_supplicant can be downloaded here.
Be sure to read the README file as it explains about the support in various drivers.
Before the wpa_supplicant can be compiled, you must have 'yes' on the following options in the .config file:
CONFIG_IEEE8021X_EAPOL=y CONFIG_EAP_MSCHAPV2=y CONFIG_EAP_TLS=y CONFIG_EAP_PEAP=y CONFIG_EAP_TTLS=y
It is strictly only necessary to have TLS, PEAP or TTLS (depending on what your institution uses) but the others might prove useful to have at a later time. For TLS you also need a user's certificate.
You also need to define what driver you are using. For example the MAD WiFi driver:
CONFIG_DRIVER_MADWIFI=y
Then there is
make
before you install with
cp wpa_cli wpa_supplicant /usr/local/bin
...or somewhere else you prefer.
With your favorite editor edit
/etc/wpa_supplicant.conf
so that it contains the following (using TTLS):
ctrl_interface=/var/run/wpa_supplicant ctrl_interface_group=root network={ ssid="eduroam" scan_ssid=1 key_mgmt=WPA-EAP eap=TTLS identity="brukernavn@student.uib.no" password="password" phase1="peaplabel=0" phase2="auth=MSCHAPV2" } ctrl_interface=/var/run/wpa_supplicant Modify user name, password and certificate name to what is applicable at your institution. Start wpa_supplicant like this: ''wpa_supplicant -D madwifi -c /etc/wpa_supplicant.conf -d -i ath0''
iwconfig should then be able to give you an output like this:
ath0 IEEE 802.11b ESSID:"eduroam" Nickname:"mycomputer.uib.no" Mode:Managed Frequency:2.412GHz Access Point: 00:07:85:92:22:75 Bit Rate:11Mb/s Tx-Power:50 dBm Sensitivity=0/3 Retry:off RTS thr:off Fragment thr:off Encryption key:569A-C02F-A312-A56B-2C1A-75FD-A277-BE1C Security mode:restricted Power Management:off Link Quality:25/94 Signal level:-70 dBm Noise level:-95 dBm Rx invalid nwid:7003 Rx invalid crypt:0 Rx invalid frag:0 Tx excessive retries:0 Invalid misc:0 Missed beacon:3
Run dhclient ath0 to receive an IP address from the DHCP server.
We use Cybertrust Educational CA, normaly there is no need for the CA Certificate, but you can download it here : http://secure.globalsign.net/cacert/sureserverEDU.pem