Setup of the UNIBZ Wireless LAN for Linux WPA

Security used within the WLAN Network: WPA/WPA2 + PEAP + MSCHAPv2
  • Wireless Network SSID: ScientificNetworkSouthTyrol
  • Security: WPA/WPA 2 Enterprise
  • Authentication: Protected EAP (PEAP)
  • Inner Authentication: MSCHAPv2
  • Certificate: NONE
  • Username: <unibz-login>
  • Password: <unibz-password>
  • IP Address: Automatic (DHCP)

Pre-requisites

  • Drivers for your Wireless Adapter and Requirements, installed and configured.
  1. Intel PRO/Wireless 2100 802.11b (Centrino) http://ipw2100.sourceforge.net/
  2. Intel PRO/Wireless 2200 802.11g and 2915 802.11ag (Centrino) http://ipw2200.sourceforge.net/
  3. Intersil PrismII driver with HostAP mode http://hostap.epitest.fi/
  4. Atheros MADWiFi driver (most cards with 802.11a or 108 Mb/s) http://madwifi.org/
  • Linux Software for the Authentication: wpa_supplicant. It is a WPA Supplicant with support for WPA and WPA2 (IEEE 802.11i/RSN)

Other Wireless LAN resources for Linux can be found here http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux/

(K)(X)Ubuntu 9.10 Using NetworkManager

= (K)(X)Ubuntu < 9.10 Manually

Installing wpa_supplicant

1. apt-get install wpa_supplicant

2. Configure /etc/wpa_supplicant.conf

Download AddTrust_External_Root.pem Certificate if you do not have it!

less /etc/wpa_supplicant.conf

ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=0
eapol_version=1
ap_scan=1
fast_reauth=1

network={
        disabled=0
        ssid="ScientificNetworkSouthTyrol"
        proto=WPA
        key_mgmt=WPA-EAP
        auth_alg=OPEN
        eap=PEAP
        identity="unibzlogin@unibz.it"
        password="unibzpassword"
        ca_cert="/etc/ssl/certs/AddTrust_External_Root.pem"
        phase1="peaplabel=0 peapver=0"
        phase2="auth=MSCHAPV2"
        priority=10
}

3. Bring Interface (eth1/wlan, etc.) up

sudo ifconfig eth1 up

4. Start wpa_supplicant

 sudo wpa_supplicant -D wext -i eth1 -c /etc/wpa_supplicant.conf

5. Get an IP Address

 sudo dhclient3 eth1

Configuration for Wired Authentication 802.1x (Cable)

This is the same Authentication Method as Wireless, but here we
use an Ethernet cable.

Using Network Manager

Try this first if you are using a Ubuntu ⇒ 11.10.

Network Manager has the ability to be configured for 802.1x Authentication.

Basic steps:

  • Click on the Network Symbol (2 Arrows) in the upper right task-bar (either with left/right mouse click)
  • Edit Connections… in Network Manager
  • In the first Tab: Wired press Add Button
  • Fill out Connection name: <hostel>
  • Go to 2nd tab 802.1X Security, tick: Use 802.1X security for this connection
  • Authentication: Protected EAP (PEAP)
  • CA certificate: AddTrust_External_Root.pem (located in /etc/ssl/certs/AddTrust_External_Root.pem)
  • PEAP version: Automatic
  • Inner authentication: MSCHAPv2
  • Username: <your-unibz-login>
  • Password: <your-unibz-password>
  • Save…
  • Click again on the Network Symbol and select the newly create Connection

Network Manager Add Connection Configure Select newly create Connection

Manual Configuration

For the more “experienced” users!!

Make sure you have installed wpasupplicant and wpagui

 sudo apt-get install wpa_supplicant wpa_gui

Edit the configuration file: /etc/wpasupplicant/wpa_supplicant.conf

 vi /etc/wpa_supplicant/wpa_supplicant.conf

ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=0
eapol_version=1
ap_scan=0
fast_reauth=1

network={
        eap=PEAP
        eapol_flags=0
        phase1="peaplabel=0"
        phase2="auth=MSCHAPV2"
        priority=10
        key_mgmt=IEEE8021X
        auth_alg=OPEN
}

Now execute the following commands:

Starts wpa_supplicant with wired driver (-D wired) and in daemon mode (-B)

  • sudo wpa_supplicant -D wired -c /etc/wpa_supplicant/wpa_supplicant.conf -i eth0 -B

Start wpa_gui to enter username and password

  • sudo wpa_gui
  • Login with username@unibz.it and password

Get an IP Address

  • sudo dhclient3 eth0

kohofer 2010/02/22 14:38

/var/www/wiki.inf.unibz.it/data/pages/public/wireless_lan_using_linux.txt · Last modified: 2016/05/23 12:59 by apano
CC Attribution-Noncommercial-Share Alike 4.0 International
Driven by DokuWiki Recent changes RSS feed Valid CSS Valid XHTML 1.0