Arch Linux

IonizedBanana

Member

Registered: 2025-01-29

Posts: 16

[SOLVED] connected to school wifi, with no internet connection

Hello all, I normally never need to post here I'm pretty good about solving issues on my own, but I'm truly stuck. Recently my school wifi has stopped working. I used to be able to connect just fine, until last friday. I can still connect to the network, my login credentials are fine, but I can't actually get through to the internet. I spoke to my school's IT guy to ask  if it was intentional (new school policy on cellphones and personal devices) and he assured me it was not. He mentioned something about updating their certs, and that I guess a lot of people who bring their own laptops to school have had issues, but for them forgetting and reconnecting solves them. They're all on windows/mac and the school issued devices are all chromebooks. Apparently I'm the only person he's ever seen use linux and mr IT guy has no idea how to use it, so besides checking all my network login info is correct he said I'm on my own. I've tried basically every solution I can find and nothing has helped obviously. The weird thing is, as far as I can tell I'm getting an IP from the network and my DNS resolves. pinging google.com returns a valid IP, just nothing will go through, and I can ping 1.1.1.1 and other DNS servers just fine. below I'll post the output of all the commands that I can think of to see if anyone can spot an issue on my end, or if the school messed up their firewall or something.

ip a:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host proto kernel_lo 
       valid_lft forever preferred_lft forever
2: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 2c:33:58:41:95:a6 brd ff:ff:ff:ff:ff:ff
    inet 10.150.192.160/21 metric 600 brd 10.150.199.255 scope global dynamic wlan0
       valid_lft 3472sec preferred_lft 3472sec
    inet 10.150.197.40/21 brd 10.150.199.255 scope global secondary dynamic noprefixroute wlan0
       valid_lft 86272sec preferred_lft 86272sec
    inet6 fe80::5b5:4f4d:c2ad:dbac/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

ip r:

 default via 10.150.192.1 dev wlan0 proto dhcp src 10.150.192.160 metric 600 
default via 10.150.192.1 dev wlan0 proto dhcp src 10.150.197.40 metric 600 
10.10.10.91 via 10.150.192.1 dev wlan0 proto dhcp src 10.150.192.160 metric 600 
10.10.10.92 via 10.150.192.1 dev wlan0 proto dhcp src 10.150.192.160 metric 600 
10.150.192.0/21 dev wlan0 proto kernel scope link src 10.150.192.160 metric 600 
10.150.192.0/21 dev wlan0 proto kernel scope link src 10.150.197.40 metric 600 
10.150.192.1 dev wlan0 proto dhcp scope link src 10.150.192.160 metric 600 

my network manager settings:

[connection]
id=LR5Wireless
uuid=52624cc9-f60d-4856-8425-f469ac8d7278
type=wifi
timestamp=1738001228

[wifi]
mode=infrastructure
ssid=LR5Wireless

[wifi-security]
key-mgmt=wpa-eap

[802-1x]
domain-suffix-match=lexrich5.org
eap=peap;
identity=[my username]
password=[my password]
phase2-auth=mschapv2
#phase1-auth-flags=32

[ipv4]
method=auto

[ipv6]
addr-gen-mode=stable-privacy
method=auto

[proxy]

resolv.conf:

# Generated by NetworkManager
search lexrich5.org
nameserver 10.10.10.91
nameserver 10.10.10.92

traceroute output:

traceroute to google.com (108.177.122.100), 30 hops max, 60 byte packets
 1  _gateway (10.150.192.1)  12.186 ms  13.028 ms  12.068 ms
 2  172.17.2.253 (172.17.2.253)  5.513 ms  5.484 ms  5.454 ms
 3  * * *
 4  * * *
 5  * * *
 6  * * *
 7  * * *
 8  * * *
 9  * * *
10  * * *
11  * * *
12  * * *
13  * * *
14  * * *
15  * * *
16  * * *
17  * * *
18  * * *
19  * * *
20  * * *
21  * * *
22  * * *
23  *

if anyone has any ideas, or needs me to run more commands I'll gladly run them. I can only run them while at school obviously, so it may take time though

Last edited by IonizedBanana (2025-01-30 18:08:41)

twelveeighty

Member

Registered: 2011-09-04

Posts: 1,448

Re: [SOLVED] connected to school wifi, with no internet connection

just nothing will go through

Can you describe what you mean, because you say DNS and ping are working fine. So what isn't?

mackin_cheese

Member

Registered: 2025-01-07

Posts: 477

Re: [SOLVED] connected to school wifi, with no internet connection

What happens when you do a full system upgrade, does pacman retrieve info and packages?

IonizedBanana

Member

Registered: 2025-01-29

Posts: 16

Re: [SOLVED] connected to school wifi, with no internet connection

Can you describe what you mean, because you say DNS and ping are working fine. So what isn't?

if I ping anything except dns, it will start the first line

PING google.com (googles ip)

but no packets will go through, it doesnt error, just nothing happens until I cancel the command. I say DNS is working because the ip it shows it a valid google ip (I tested putting the ip in my url bar on another internet connection, it leads to google) and also pinging 1.1.1.1 or 8.8.8.8 returns packets just like normal. If I try to load a webpage, it will load and load until it times out.

IonizedBanana

Member

Registered: 2025-01-29

Posts: 16

Re: [SOLVED] connected to school wifi, with no internet connection

What happens when you do a full system upgrade, does pacman retrieve info and packages?

as soon as it tries to sync packages it stops, the second syncronizing packages shows up, it stays on core until I cancel it

twelveeighty

Member

Registered: 2011-09-04

Posts: 1,448

Re: [SOLVED] connected to school wifi, with no internet connection

That sounds like either DNS resolving to a bogus or internal IP instead of the actual IP or (more likely) a firewall is blocking you. Check your local firewall configuration before you start yelling at school IT (I've made a mistake like that in past, it doesn't look good on you )

To check DNS masking: install a Lookup utility such as 'drill' or 'dig' and from a working location query your regional IP for google.com; check if you can ping that IP from the working location and then on the school network ping that IP (not the name) again. Does that go through?

IonizedBanana

Member

Registered: 2025-01-29

Posts: 16

Re: [SOLVED] connected to school wifi, with no internet connection

'drill' or 'dig' and from a working location query your regional IP for google.com; check if you can ping that IP from the working location and then on the school network ping that IP (not the name) again. Does that go through?

results of drill:

;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 61285
;; flags: qr rd ra ; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 0 
;; QUESTION SECTION:
;; google.com.	IN	A

;; ANSWER SECTION:
google.com.	247	IN	A	74.125.136.100
google.com.	247	IN	A	74.125.136.102
google.com.	247	IN	A	74.125.136.139
google.com.	247	IN	A	74.125.136.101
google.com.	247	IN	A	74.125.136.138
google.com.	247	IN	A	74.125.136.113

;; AUTHORITY SECTION:

;; ADDITIONAL SECTION:

;; Query time: 126 msec
;; SERVER: 1.1.1.1
;; WHEN: Thu Jan 30 11:29:19 2025
;; MSG SIZE  rcvd: 124

from this I assume 74.125.136.100 is the ip I need, and putting it in my url bar leads to google, so I went with it

results from pinging that while on my phones hotspot:

PING 74.125.136.100 (74.125.136.100) 56(84) bytes of data.
64 bytes from 74.125.136.100: icmp_seq=1 ttl=104 time=167 ms
64 bytes from 74.125.136.100: icmp_seq=2 ttl=104 time=75.5 ms
64 bytes from 74.125.136.100: icmp_seq=3 ttl=104 time=62.8 ms
64 bytes from 74.125.136.100: icmp_seq=4 ttl=103 time=70.9 ms
64 bytes from 74.125.136.100: icmp_seq=5 ttl=103 time=91.5 ms

--- 74.125.136.100 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4004ms
rtt min/avg/max/mdev = 62.816/93.437/166.533/37.726 ms

results from pinging from the school wifi:

PING 74.125.136.100 (74.125.136.100) 56(84) bytes of data.

--- 74.125.136.100 ping statistics ---
6 packets transmitted, 0 received, 100% packet loss, time 5077ms

its worth noting (i think) that I cant drill google from my school wifi, dont know if thats relevant at all

a firewall is blocking you. Check your local firewall configuration before you start yelling at school IT

how would I check this? I dont see how it could be the issue considering every other (private) network I connect to works just fine, but I will gladly check before I go bother them about it. I dont think the IT guy at my school knows anything about it, so if I had to yell at someone I'd have to escalate to someone higher up the chain, and frankly considering I have a school chromebook, they'd make me use that before they bother trying to fix my one laptops issue, since I'm probably the only person who has this issue.

IonizedBanana

Member

Registered: 2025-01-29

Posts: 16

Re: [SOLVED] connected to school wifi, with no internet connection

good news, my internet started working as of about 5 minutes ago. I've changed nothing, just had my laptop open and noticed it disconnected itself from the wifi, I reconnected and it works now. Sorry if anyone has a similar experience in the future, I dont have a solution. My guess is that it was indeed on the school's side, and they updated or restarted or something, not sure. Either way, it works now and I can do my work, so whatever I suppose.

live4thamuzik

Member

Registered: 2024-02-27

Posts: 72

Re: [SOLVED] connected to school wifi, with no internet connection

Be careful on that network! MSCHAPv2 was cracked in 1999, school should use EAP-TLS. Most net admins still use RADIUS with PEAP / MSCHAPv2 because it is well documented and easy to configure then tell people to use their AD/LDAP credentials for auth so they aren't distributing WPA/2/3 passwords that are always leaked in a school setting.

Side note - newer android devices won't connect to that type of network because its vulnerable.

twelveeighty

Member

Registered: 2011-09-04

Posts: 1,448

Re: [SOLVED] connected to school wifi, with no internet connection

results from pinging from the school wifi:

PING 74.125.136.100 (74.125.136.100) 56(84) bytes of data.

--- 74.125.136.100 ping statistics ---
6 packets transmitted, 0 received, 100% packet loss, time 5077ms

FYI - because you confirmed that to work earlier on a different network, that's almost guaranteed a firewall blocking you on the school network. Now, a subtlety is that it is possible a firewall blocks "ping" and not HTTP/S, but most likely were tinkering with the firewall and blocked everything for you.