Information Technology — Configuring Software @ Rhodes

Connecting to the secure wireless network in Linux/FreeBSD using wpa_supplicant

Option 1: TTLS

Put the following into your /etc/wpa_supplicant.conf

network={
  ssid="eduroam"
  key_mgmt=WPA-EAP
  proto=RSN WPA
  eap=TTLS
  anonymous_identity="anonymous@ru.ac.za"
  identity="g00a1234@campus.ru.ac.za"
  password="XXXXXXXXXXXX"
  ca_cert="/path/to/DigiCertHighAssuranceEVRootCA.crt"
}

replacing "g00a1234" with your correct Rhodes username and "XXXXXXXXXXXX" with your normal Rhodes password. If you're a staff member, use @ru.ac.za instead of @campus.ru.ac.za in the identity field. Leave the anonymous_identity as-is, it is very important.

You'll also need to download and save the DigiCert High Assurance EV Root CA certificate, and then fix the path in the ca_cert line.

Option 2: PEAP

Use this instead of the network section above as an alternative. The CA certificate is not required.

network={
    ssid="eduroam"
    key_mgmt=WPA-EAP
    eap=PEAP
    identity="g00a1234@campus.ru.ac.za"
    password="XXXXXXXXXXXXX"
    phase2="auth=PAP"
}

replacing "g00a1234" with your correct Rhodes username and "XXXXXXXXXXXX" with your normal Rhodes password. If you're a staff member, use @ru.ac.za instead of @campus.ru.ac.za in the identity field.

Setting up wpa_supplicant on Fedora 10

Note: With most PCs, it should be possible to use Network Manager to connect to the wireless network. These instructions are for configuring the connection manually, and are intended for advanced users.

Setup

• Install wpa_supplicant (available locally http://fedora.ru.ac.za/F10/) using yum.
• Edit /etc/wpa_supplicant/wpa_supplicant.conf and include the configuration from Option 1 or Option 2 above.
• Go to System->Administration->Network. Select Wireless device and edit. (Uncheck: "Controlled by Network Manager", "Activate device when computer starts" Check:"Allow all users to enable and disable device")
• Make sure that the services "network" and "wpa_supplicant" are set to start for desired runlevel (probably 5), by going to System->Administration->Services and ensuring then "network" and "wpa_supplicant" are enabled.
• Reboot

Use

• After logging in, go to System->Administration->Network device control and activate your wireless device.
• Wait a minute or so for wpa_supplicant to negotiate a link.