Re: [UM-LINUX] umd-secure wpa_supplicant.conf

Thu, 04 Sep 2008 19:38:58 -0700 

Attached...

Make sure you have the Thawte Premium Server CA root certificate in 
/etc/ssl/certs/ ... you can get it from http://www.thawte.com/roots/ if needed.

If you happen to be using Ubuntu, note that there is a bug in the ifupdown 
package in Hardy that prevents wpa_supplicant from starting automatically on 
boot ... you can use the ifupdown package from Intrepid to fix it.  There's 
also a whole slew of bugs in the Intel wireless card drivers in Hardy ... the 
latest compat-wireless drivers (http://linuxwireless.org/en/users/Download) fix 
most of them.

On Thu, Sep 04, 2008 at 05:31:31PM -0400, Nathan Smoot wrote:
> Hello all,
> 
> Does anyone have a working wpa_supplicant.conf for the umd-secure
> network? I found one in the archives from Sep 07 but it's not working
> for me. Maybe I'm doing something incorrectly...
> 
> Thanks,
> 
> -- 
> Nathan Smoot
> [EMAIL PROTECTED]
> 

# umd-secure-fast (802.11A, WPA2)
network={
        identity="<directory id>"
        password="<password>"

        ssid="umd-secure-fast"
        priority=4
        # force WPA2, not WPA
        proto=WPA2
        # Use EAP
        key_mgmt=WPA-EAP
        # use AES unicast cipher
        pairwise=CCMP
        # use AES or TKIP broadcast/multicast cipher
        group=CCMP TKIP
        # use EAP-TTLS
        eap=TTLS
        # use PAP authentication
        phase2="auth=PAP"
        # verify cert
        ca_cert="/etc/ssl/certs/Thawte_Premium_Server_CA.pem"
        subject_match="CN=wireless.umd.edu"
}

# umd-secure (802.11BG, WPA2)
network={
        identity="<directory id>"
        password="<password>"

        ssid="umd-secure"
        priority=3
        # force WPA2, not WPA
        proto=WPA2
        # Use EAP
        key_mgmt=WPA-EAP
        # use AES unicast cipher
        pairwise=CCMP
        # use AES or TKIP broadcast/multicast cipher
        group=CCMP TKIP
        # use EAP-TTLS
        eap=TTLS
        # use PAP authentication
        phase2="auth=PAP"
        # verify cert
        ca_cert="/etc/ssl/certs/Thawte_Premium_Server_CA.pem"
        subject_match="CN=wireless.umd.edu"
}

# umd-fast (802.11A, Web Login)
network={
        ssid="umd-fast"
        priority=2
        key_mgmt=NONE
}

# umd (802.11BG, Web Login)
network={
        ssid="umd"
        priority=1
        key_mgmt=NONE
}

# Wildcard SSID is currently broken in wpa_supplicant
# See http://hostap.epitest.fi/bugz/show_bug.cgi?id=276
# But this is what you would normally do to fall back to any SSID:
# default (any SSID)
network={
        key_mgmt=NONE
}

ctrl_interface=/var/run/wpa_supplicant

Reply via email to