Connection to wireless network - wpa

Stefan Skotte sfs at enhance-it.dk
Wed Jun 20 21:30:21 CEST 2007 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

I have been involved with setting up eduroam access for a local
university, and if I remember correctly, you should be using EAP (w/
public key), along with the WPA logon. There's a specific dialer called
Alfa&Ariss on windows for the purpose of getting online, as the stock
dialer in windows does not support it.

Actually I have this manual you could consult:

http://okfweb1.asb.dk/helpdesk/wireless_eduroam/MAC_wlan_eduroam_stud_en.pdf

When using PEAP, with EAP/MSCHAPv2, and use anonymous identity, and get
a copy of the public key from the RADIUS server.

Just my two cents.. hope it helps.


- -stefan


rozelak at volny.cz wrote:
> Hallo,
> 
> I send the required outputs (shortened to relevant data):
> 
> $# iwlist eth1 scanning
> eth1      Scan completed :
> Cell 01 - Address: 00:11:93:10:B7:B0
> ESSID:"eduroam"
> Protocol:IEEE 802.11bg
> Mode:Master
> Channel:4
> Encryption key:on
> Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 6 Mb/s; 9 Mb/s
> 11 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s; 36 Mb/s
> 48 Mb/s; 54 Mb/s
> Quality=39/100  Signal level=-77 dBm
> IE: WPA Version 1
> Group Cipher : WEP-104
> Pairwise Ciphers (1) : TKIP
> Authentication Suites (1) : 802.1X
> IE: IEEE 802.11i/WPA2 Version 1
> Group Cipher : WEP-104
> Pairwise Ciphers (1) : CCMP
> Authentication Suites (1) : 802.1X
> Extra: Last beacon: 684ms ago
> Cell 02 - Address: 00:11:93:10:B7:B1
> ESSID:"eduroam-simple"
> Protocol:IEEE 802.11bg
> Mode:Master
> Channel:4
> Encryption key:off
> Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 6 Mb/s; 9 Mb/s
> 11 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s; 36 Mb/s
> 48 Mb/s; 54 Mb/s
> Quality=35/100  Signal level=-79 dBm
> Extra: Last beacon: 680ms ago
> Cell 03 - Address: 00:11:21:BF:D1:42
> ESSID:"<hidden>"
> Protocol:IEEE 802.11bg
> Mode:Master
> Channel:7
> Encryption key:on
> Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 6 Mb/s; 9 Mb/s
> 11 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s; 36 Mb/s
> 48 Mb/s; 54 Mb/s
> Quality=79/100  Signal level=-50 dBm
> IE: WPA Version 1
> Group Cipher : TKIP
> Pairwise Ciphers (1) : TKIP
> Authentication Suites (1) : 802.1X
> IE: IEEE 802.11i/WPA2 Version 1
> Group Cipher : TKIP
> Pairwise Ciphers (1) : CCMP
> Authentication Suites (1) : 802.1X
> Extra: Last beacon: 28ms ago
> 
> .... etc.
> 
> I use ipw2200 "driver", which is reported to be working with NM, I guess:
> 
> $# lsmod
> Module                  Size  Used by
> vboxdrv                29768  1
> parport_pc             24804  0
> parport                31432  1 parport_pc
> nsc_ircc               16560  0
> irda                  104312  1 nsc_ircc
> ipw2200               137416  0
> ieee80211              30728  1 ipw2200
> ieee80211_crypt         4608  1 ieee80211
> 
> Also kernel should be configured correctly:
> 
> $# less /usr/src/linux/.config | grep CONFIG_IEEE80211
> CONFIG_IEEE80211=m
> CONFIG_IEEE80211_CRYPT_WEP=m
> CONFIG_IEEE80211_CRYPT_CCMP=m
> CONFIG_IEEE80211_CRYPT_TKIP=m
> CONFIG_IEEE80211_SOFTMAC=m
> 
> ------
> 
> $# less /usr/src/linux/.config | grep CONFIG_CRYPTO
> CONFIG_CRYPTO=y
> CONFIG_CRYPTO_DES=y
> CONFIG_CRYPTO_AES=y
> CONFIG_CRYPTO_AES_586=y
> CONFIG_CRYPTO_ARC4=y
> CONFIG_CRYPTO_MICHAEL_MIC=y
> CONFIG_CRYPTO_CRC32C=y
> 
> 
> 
> 
> One think to add - just now I realized, that I am not able to connect
> the "eduroam" net even manually (running iwconfig, ifconfig, wpa_supplicant
> with appropriate settings) - wpa_supplicant was not able to authentize
> me. I have send an e-mail to our support, so I expect that something
> may be brokem on my side. Nevertheless, I would expect knm to show some
> configuration for WPA, even if the authentization will fail then. However,
> knm allows WEP configuration only.
> 
> I do not have "nm-tool" installed (part of NM? It was not installed togerher
> with NM. Depends on Gnome?). So I cannot provide its output; is it big
> problem?
> 
> Thank you for continuous help, best regards,
> Dan
> 
> ----- PŮVODNÍ ZPRÁVA -----
> Od: "Helmut Schaa" <hschaa at suse.de>
> Komu: kde-networkmanager at kde.org
> Předmět: Re: Connection to wireless network - wpa
> Datum: 20.6.2007 - 13:06:21
> 
>> Am Donnerstag, 14. Juni 2007 schrieben Sie:
>>>> Am Freitag, 8. Juni 2007 schrieb rozelak at volny.cz:
>>>>>>> Can it be helpful for you? What other stuff should
>>>>>>>> I collect?
>>>> Can you please attach the NetworkManager log? Should
>>>>>> be somewhere
>>>> like "/var/log/NetworkManager".
>>> Sorry for delay, I was out of Internet connection.
>>> I have collected log messages for both issues - connection
>>> to wep wireless
>>>> and disabling scanning. Both are sent in attachment
>>> - 'connectTry_log'
>>>> is the output of the logger, 'connectTry_dbus' is
>>> the output of
>>>> 'dbus-monitor --system'. Similarly for wireless disabling,
>>> in 'disableWL_*'
>>>> I write few marks into them when actions were invoked.
>>>>
>>> The procedure of wpa connection was - I have wireless
>>> enabled, I have
>>>> chosen 'eduroam' network (displayed in knm with lock
>>> symbol next to
>>>> the icon and 'encryption protcol: WEP WPA WPA2' in
>>> the info box) and
>>>> dialog to choose encryption appeared. However, there
>>> was no wpa posibility
>>>> to choose (just WEP-passphrase, WEP-40-1040bit hex
>>> and WEP-40-1040bit
>>>> ASCII). Then I canceled the dialog.
>> Two more questions:
>>
>> - Can you please provide the output of "iwlist eth1
>> scan" and nm-tool when the
>> appropriate network is in range cause an access point
>> providing WEP and WPA
>> at the same time is very uncommon (impossible?) ;-).
>> Perhaps thare are two
>> APs in range, one with WEP and one with WPA, but both
>> with the same essid.
>>
>> - Do you use an ipw3945 wireless card?
>>
>> Helmut
>> _______________________________________________
>> kde-networkmanager mailing list
>> kde-networkmanager at kde.org
>> https://mail.kde.org/mailman/listinfo/kde-networkmanager
> 
> 
> _______________________________________________
> kde-networkmanager mailing list
> kde-networkmanager at kde.org
> https://mail.kde.org/mailman/listinfo/kde-networkmanager
> 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGeYBN+vG8YFo3LPMRArQtAKCVC28UoMXBODQdOzdzN7MGRixGywCgrkrz
+1EUJ/jkE3DqXRMAv3L27rQ=
=MeN/
-----END PGP SIGNATURE-----

More information about the kde-networkmanager mailing list