You are not logged in.

Pages: 1

#1 2013-11-07 09:53:49

saciel
Member
From: Germany
Registered: 2006-07-30
Posts: 153

cannot connect to WIFI with WPA2 enterprise security

I'm currently trying to switch my Wifi from WPA2 Personal to WPA2 Enterprise using a dd-wrt flashed TP-Link router and a Synology Diskstation as the RADIUS server. The diskstation also creates the CA certificate which I can download from there for all client devices.

Configuration on the side of the router appears to be fine, I've entered all the details for RADIUS authentication and left "WPA Algorithms" at its default setting "TKIP", other options being ("AES" and "TKIP+AES"). I said it appears to be fine because my Android phone connection is established succesfully using the following (default) parameters:

EAP method: PEAP
Phase 2 Auth: NONE (also works with MSCHAPV2, and probably other options)
CA cert: unspecified (didn't download it to smartphone, must be fetched automatically from router I guess)
User cert: unspecified
Identity: myDiskstationUsername
Anonymous Identity: (blank)
Password: myDiskstationPassword

So far, so good... I still cannot manage to get a connection from my laptop running Arch. Prefered method would be via "wicd". The best match seems to be the following configuration profile:

name = PEAP with TKIP/MSCHAPV2
author = Fralaltro
version = 1
require identity *Identity password *Password
optional ca_cert *Path_to_CA_Cert
protected password *Password
-----
ctrl_interface=/var/run/wpa_supplicant
network={
        ssid="$_ESSID"
        scan_ssid=$_SCAN
        proto=WPA
        key_mgmt=WPA-EAP
        pairwise=TKIP
        group=TKIP
        eap=PEAP
        identity="$_IDENTITY"
        password="$_PASSWORD"
        ca_cert="$_CA_CERT"
        phase1="peaplabel=0"
        phase2="auth=MSCHAPV2"
}

But it's not working, both with and without specifing the optional path to the CA certificate. Any ideas what I could've been missing or any clues for debugging?

Last edited by saciel (2013-11-07 09:55:16)

They say if you reverse play a Windows CD you can hear satanic verses... But wanna know what's even worse? If you forward play it, it's gonna install Windows on your system!

Offline

#2 2013-11-08 20:50:24

angelos
Member
From: Athens, Greece
Registered: 2013-11-05
Posts: 1

Re: cannot connect to WIFI with WPA2 enterprise security

Why don't you use netctl?
I'm using netctl to connect to my FreeRadius Server, and I use this config...

Description='A wireless connection using a custom network block configuration'
Interface=wlp0s29f7u3
Connection=wireless
Security=wpa-configsection
IP=static
Address='192.168.1.200/24'
Gateway='192.168.1.1'
DNS=('192.168.1.1')
WPAConfigSection=(
    'ssid="SSID"'
    'key_mgmt=WPA-EAP'
    'eap=PEAP'
    'phase2="auth=MSCHAPV2"'
    'group=CCMP'
    'pairwise=CCMP'
    'identity="user"'
    'password="password"'
    'priority=1'
)

Offline

Pages: 1

Board footer

Powered by FluxBB