[vox-tech] Connecting to moobilenetx

Eric Lin notapplicable.haha at gmail.com
Tue Oct 6 13:28:34 PDT 2009 

Greetings all,

It took me some time to figure out how to get my connection to moobilenetx
on the UCD campus working last year, so I decided to write a guide for
anyone who decides to use it.

1. Check for WPA support In a virtual terminal (xterm, rxvt, Konsole, GNOME
Terminal, etc.), type:

       /sbin/iwlist auth

   If you have WPA support, you should see something like the following:

       $ /sbin/iwlist auth 
       lo        no authentication information.  
       wlan0     Authentication capabilities :
                       WPA 
                       WPA2 
                       CIPHER-TKIP 
                       CIPHER-CCMP 
                       [...]

2. Make sure you have wpa_supplicant installed 
   As root in a virtual terminal running bash, type:

	PATH=$PATH:/usr/sbin:/sbin which wpa_supplicant

    If you see something like this, then you have wpa_supplicant.

	# PATH=$PATH:/usr/sbin:/sbin which wpa_supplicant
	/usr/sbin/wpa_supplicant

    If you don't have wpa_supplicant, get it from your distribution's
repositories.

    Here are a few examples, all executed as root:

	Debian-based distributions (1) (Ubuntu, Linux Mint, Debian, etc.):
        aptitude update
        aptitude install wpasupplicant

	Fedora: yum install wpasupplicant

	openSUSE: zypper install wpa_supplicant

	Mandriva: urpmi wpa_supplicant

	Arch Linux: pacman -S wpa_supplicant

	Gentoo: emerge -av net-wireless/wpa_supplicant

3. Configure wpa_supplicant in /etc/wpa_supplicant.conf 

Open /etc/wpa_supplicant.conf as root with your favorite text editor
(Caution: Running graphical applications via sudo may leave X unusable.
Instead, run graphical applications as root after entering root shell with
sudo -i or su. If X does become unusable, remove your user's ~/.Xauthority
file.) If /etc/wpa_supplicant.conf does not exist, create it.

    Copy the following into your file:

	ctrl_interface=/var/run/wpa_supplicant 
        ctrl_interface_group=0
        eapol_version=1 
        ap_scan=1 
        fast_reauth=1

	network={ 
          ssid="moobilenetx"
          scan_ssid=1
          key_mgmt=WPA-EAP
          eap=PEAP TTLS
          ca_cert="/path/to/cert"
          identity="janedoe"
          password="passw0rd"
          phase1="peaplabel=0"
          phase2="auth=MSCHAPV2"
        }

    Replace janedoe with your UCD login id and passw0rd with your kerberos
password. Replace /path/to/cert with the path to the root certificate
bundle, which you may download here (2) or find on your filesystem (try  wc
-l $(locate ca-bundle) or find / -name *ca-bundle* -exec wc -l {} + and see
if the certificate bundles that show up have a lot of certificates -- more
than 2,000 lines).

4. Connect to moobilenetx As root in a virtual terminal:

	Check to see that your computer sees moobilenetx: 
        iwlist wlan0 scan | grep moobilenetx

	Try to connect (be sure to replace wlan0 with your wireless
interface): 
        wpa_supplicant -iwlan0 -c/etc/wpa_supplicant.conf

If you see something like this, then you're connected. You may or may not
get the OpenSSL error, depending on your wireless card, but it should not
cause problems with your connection. The command will not terminate after
it connects, so press Ctrl - C to stop the execution of the command (NB:
This will close your connection. If you wish to skip running wpa_supplicant
in daemon mode for now, press Ctrl - Z to stop the command, type bg to
background the process, and go on to step 5):

       # wpa_supplicant -iwlan0 -c/etc/wpa_supplicant.conf
       CTRL-EVENT-SCAN-RESULTS
       Trying to associate with xx:xx:xx:xx:xx:xx (SSID='moobilenetx'
freq=xxxx MHz)
       Associated with xx:xx:xx:xx:xx:xx
       CTRL-EVENT-EAP-STARTED EAP authentication started
       CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected
       OpenSSL: tls_connection_handshake - Failed to read possible
Application Data error:00000000:lib(0):func(0):reason(0)
       EAP-MSCHAPV2: Authentication succeeded
       EAP-TLV: TLV Result - Success - EAP-TLV/Phase2 Completed
       CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully

       WPA: Key negotiation completed with xx:xx:xx:xx:xx:xx [PTK=TKIP
GTK=TKIP]
       CTRL-EVENT-CONNECTED - Connection to xx:xx:xx:xx:xx:xx completed
(auth) [id=0 id_str=]

    Now that you've -- hopefully -- connected, run wpa_supplicant in daemon
mode:
	wpa_supplicant -iwlan0 -c/etc/wpa_supplicant.conf -B

5. Get an IP address so you can use the network As root in a virtual
terminal, replacing wlan0 with your wireless interface and hostname with
your computer's name where applicable:

	dhclient wlan0

    or

	dhcpcd wlan0

    or

	pump -i wlan0 -h hostname

Links: 
1. http://en.wikipedia.org/wiki/Category:Debian-based_distributions
2. http://curl.haxx.se/docs/caextract.html

I realize my guide probably has many problems with formatting and such, but it can be revised.

-Eric

More information about the vox-tech mailing list