Wireless WPA (Breezy)

Fri Sep 16 09:17:06 CDT 2005

On Sep 15, 2005, at 11:32 PM, R S Gill wrote:

> Hi,
>
> I am trying to connect to the wireless network at Purdue University. 
> Purdue's wireless network uses PEAP to authenticate users.
>
> I am trying to connect to the wireless network with a Netgear WG511T 
> wireless card which works with Breezy out of the box. I have tried 
> connecting to the network using wpa_supplicant and xsupplicant. I have 
> also installed the ca-certificates package.
>
> So far I have been unsuccessful.
>
> As a reference, the instructions (Windows and Mac) that Purdue 
> provides to connect to the wireless network can be dound at:
> http://www.itap.purdue.edu/airlink/instructions.cfm

We have a similar setup here at WVU.  I don't have this setup on my 
laptop, but here is the wiki entry created by someone who has.  Hope it 
helps.

This page will explain how I configured my laptop to use secure.wvu. A 
work in progress.

First, you have to sign up using the process detailed at 
http://wireless.wvu.edu .

Next, you need the following packages: wpasupplicant, openssl, 
ca-certificates

My config file for wpasupplicant is /etc/wpa_supplicant.conf and looks 
like this:

ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=johnny
network={
         ssid="secure.wvu"
         scan_ssid=1
         key_mgmt=IEEE8021X
         eap=PEAP
         ca_cert="/etc/ssl/certs/Equifax_Secure_CA.pem"
         phase1="peaplabel=0"
         phase2="auth=MSCHAPV2"
}

You should be able to use this verbatim.

Next, to start the daemon, execute:

sudo wpa_supplicant -d -i ath0 -c /etc/wpa_supplicant.conf -D madwifi

-d enables debug, -i is the inteface, -c is the config file, and -D is 
the driver (mine is madwifi, choose your own poison).

Once the daemon is running, you can run the command line interface, 
wpa_cli. It will hook onto the daemon and wait for secure.wvu to come 
into range, and prompt for credentials. When prompted for credentials, 
enter them like this:

identity 0 jeckersb

password 0 --password-goes-here--

At this point running iwconfig should show association with secure.wvu. 
Now run dhclient on the interface to get an address.

Currently, at this point I got an address, but the AP kept dropping my 
connection. I don't know if it's because of poor signal or what, but I 
still haven't successfully used this. I'm 99% positive if I can keep 
associated the connection will work perfectly.

update --johnny, 2005/05/03 11:01 EST
I just tried again during a bits n bytes run, and successfully browsed 
slashdot from the lobby. The connection kept cutting out, but it was 
still moderately usable. I think the cutting out behavior may be from 
my network applet getting horribly confused and trying to steal back 
the interface, so next time I go down I'm going to test again without 
the applet running.

Victory --johnny, 2005/05/03 13:57 EST
After killing my network applet, this works perfectly now. Somebody 
else try this and let me know if it works.

Dosen't work --scotth, 2005/05/03 19:44 EST
Tried on DWL-122 with linux-wlan-ng driver. It does not work. I think 
its trying to use hostap ioctls, but they don't work on my drivers. 
Either way, I think you need a supported driver which can be listed by 
passing the -D option with nothing following it.

Additional Info --gregoryt, 2005/09/07 15:39 EST
Quote from a user that might come in handy: FYI if you would like to 
add it to your wiki, to get this to work with intel ipw2200 cards you 
must add the following line to your /etc/wpa_supplicant.conf: ap_scan=2