WlanConnection - WPA2-EAP(PEAP;MSCHAPv2) How to configure?
Hi,
after a long way i finaly made my 4965 card work with my Debian and kernel 2.6.24-1 (64-bit). I can connect to WEP WLAN without problems. Now i want to configure my card for our companys WLAN. We have Domain authentication. I already could get the WPA2 config running with my old labtop with Suse 10.3. With Suse it was relatively easy with Knetworkmanager. Now with Debian i have to get this crap running by hand because the Networkmanager installation i tried under gnome does not work... I have an Networkmanager Icon under gnome but it can not find any card... So can anybode give me a clue how i can configure my debian by hand for authentication with a WPA2 Enterprise WLAN which is EAP based and needs Windows Domain User Authentication (PEAP and MSCHAPv2). Thanks in advance. Huberbauer |
You need to install a program called wpa_supplicant. Either use apt-get or aptitude to install it. I don't know if it works with the GUI programs, but at a command line I can (and have) authenticated wirelessly with most every type of wpa encryption, including PEAP.
Peace, JimBass |
I have struggled with using wpa_supplicant myself, trying to connect to just such a network. For the benefit of all those who know as little as I do, is there a how-to tutorial about using wpa_supplicant anywhere? That would be great.
|
Hi,
i have installed wpa_supplicant but i am not shure if i configured it correctly. Hopefully someone can help me with this part. My wpa_supplicant file looks like this: ctrl_interface=/var/run/wpa_supplicant ctrl_interface_group=0 eapol_version=1 ap_scan=1 fast_reauth=1 network={ ssid="WirelessLANSSID" proto=WPA pairwise=CCMP TKIP group=CCMP TKIP key_mgmt=WPA-EAP eap=PEAP TTLS TLS identity="DOMAIN\USERNAME" password="PASSWORD" phase2="auth=MSCHAPv2" } My /etc/network/interfaces file i have modified too like this: auto wlan0 iface wlan0 inet dhcp wpa-ssid WirelessLANSSID pre-up wpa_supplicant -Bw -Dmadwifi -iwlan0 -c/etc/wpa_supplicant/wpa_supplicant.conf post-down killall -q wpa_supplicant i have also tried -Dwext option but this does not work too. The modules for madwifi are loaded correct and the iwl4965 module too. i can see the network in kismet for example but i dont know how i have to configure the files correctly. Thanks |
You have a few problems in there. You shouldn't have 2 files controlling one thing, and in this case you do have that, possibly causing a problem as the /etc/wpa_supplicant/wpa_supplicant.conf file fights with the /etc/network/interfaces file. I also think you have way too much going on in your wpa.supplicant.conf file, and bet you'll get better results by trimming it down.
First off, don't put anything about a particular ssid in your /etc/network/interfaces file. That file effects your interface all the time, so with the ssid wrapped in there, you'll never be able to authenticate at a coffee shop or wifi hotspot. I'd make that file look like this for the wireless card: Code:
auto wlan0 Code:
ctrl_interface=/var/run/wpa_supplicant Code:
jim@jimsworktop:~$ cat /etc/wpa_supplicant.conf Code:
ctrl_interface=/var/run/wpa_supplicant You do need to call wpa_supplicant with -Dmadwifi for your setup, wext would be if your card worked with just the kernel and firmware, basically without madwifi. So here are some commands: Code:
ifdown wlan0 Please post back with problems. Peace, JimBass |
Raspberry PI Wpa_supplicant with AES PEAP and AD username authentication
Hi All newb here!
I know this post is old but I am struggling to find answers so Im giving in and asking! I am trying to get a raspberry pi using WPA_supplicant to work on an enterprise network using the following settings network = { ssid="*********" scan_ssid=1 proto=RSN I think this is required (robust secure network) for the AES side of things so leave it in? key_mgmt=WPA-EAP Not Sure if this should be WPA-PSK (so worth trying both) pairwise=TKIP group=TKIP eap=PEAP identity="domain\username" Again not sure if this needs to have the domain split out in a separate line or try the “ithsu002@nt1000” password="*******" ca_cert="/etc/cert/ca.pem" Not sure if this needs to be here they use certificates on other devices but not for these phase1="peapver=0" phase2="MSCHAPV2" } This is a remote site so it makes it all the more tricky to test the settings The normal network settings are SSID WIFI password WPA2 AES Domain and user name I have been trying to get the set up correct prior to sending the item to site but cant test it first and I have looked around and cant see anywhere that explains what each setting is, what is does, and the meanings, I can get it to work with a normal wpa2 wifi network and the device work fine with CAT5 but the application of where it needs to go there is only wifi possible. Many thanks in advance Paul |
All times are GMT -5. The time now is 11:39 AM. |