Wireless/eduroam

From CsWiki
Jump to: navigation, search

what is eduroam?

eduroam is global, cross-universities wireless network. read more.

connection instructions for GNU/Linux users

the official instructions can be confusing and do not work, here are configurations that work:

To connect, you need first register for ra account, just register here.

using network manager - GUI

open the wireless networks list, and click on "eduroam".

print screen after configuration

Choose Wireless Security: WPA & WPA2 Enterprise

Choose Authentication: Protected EAP (PEAP)

Leave the Anonymous identity field blank.

In CA certificate choose the location of your certificate (it's probably /etc/ssl/certs/AddTrust_External_Root.pem, but you can use /usr/share/ca-certificates/mozilla/AddTrust_External_Root.crt too, if you are having troubles find the file, run locate AddTrust_External)

Leave the "connect to those servers" field blank.

In Username: type your username in the following format: username%ra@huji.ac.il

In Password type your password

Click Connect/אישור.


using network manager - command line

Currently network-manager do not supply command line tools for configuring wpa-eap encrypted networks. so you need to edit network-manager configuration files by hand.

open the file /etc/NetworkManager/system-connections/eduroam (as root), and enter the following text:

[ipv6]
method=ignore
ip6-privacy=0

[connection]
id=eduroam
uuid=167213e3-1a81-40c2-9371-a93e22a24648
type=802-11-wireless

[802-11-wireless-security]
key-mgmt=wpa-eap

[802-11-wireless]
ssid=eduroam
mode=infrastructure
security=802-11-wireless-security

[802-1x]
eap=peap;
identity=username%ra@huji.ac.il
ca-cert=/etc/ssl/certs/AddTrust_External_Root.pem
phase2-auth=mschapv2
password=YOUR-PASSWORD-HERE
private-key-password-flags=1
phase2-private-key-password-flags=1

[ipv4]
method=auto
may-fail=false

network manager should now connect automatically, if it dosn't, run:

nmcli con up id eduroam

to disconnect, type:

nmcli con down id eduroam

to check if you are connected, run:

nmcli con status