Differences
This shows you the differences between two versions of the page.
|
doc:howto:clientmode [2012/11/29 16:36] uvray313 |
doc:howto:clientmode [2013/01/28 18:40] (current) hrebec |
||
|---|---|---|---|
| Line 157: | Line 157: | ||
| + | ===== Client Mode with WPA2 Enterprise PEAP-GTC Authentication ===== | ||
| + | -Make sure you have the full wpa_supplicant package that support EAP/PEAP authentication. | ||
| + | -Use UCI or modify the /etc/config/wireless file to set the following options | ||
| + | option network 'wwan' | ||
| + | option device 'radio0' | ||
| + | #set device and network as necessary | ||
| + | option mode 'sta' | ||
| + | option ssid 'CHANGE_THIS_TO_YOUR_SSID' | ||
| + | option encryption 'wpa2+ccmp' | ||
| + | option eap_type 'peap' | ||
| + | option auth 'gtc' | ||
| + | option identity 'CHANGE_THIS_TO_YOUR_ID' | ||
| + | -Enter //uci commit wireless// on the command line | ||
| + | -Enter //wifi// on the command line | ||
| + | When the wireless configuration is committed and wifi is commanded, a wpa_supplicant-wlan0.conf (may be something besides wlan0 if you are using a different interface) file is created in the /var/run (same as /tmp/run) directory containing the necessary variables. This looks like the following | ||
| + | ctrl_interface=/var/run/wpa_supplicant-wlan0 | ||
| + | |||
| + | network={ | ||
| + | scan_ssid=1 | ||
| + | ssid="YOUR_SSID_HERE" | ||
| + | key_mgmt=WPA-EAP | ||
| + | proto=WPA2 | ||
| + | eap=PEAP | ||
| + | phase2="auth=gtc" | ||
| + | identity="YOUR_ID_HERE" | ||
| + | password="" <----delete this line and save the file | ||
| + | } | ||
| - | + | There is a bug that prevents PEAP-GTC from working. Because no password was specified in the wireless configuration file, uci translated this to password="" in the wpa_supplicant conf file, when the time comes to enter your OTP (one time pin) you will not get the prompt because wpa_supplicant accepts "" as a valid null password. | |
| + | -edit the wpa_supplicant-wlan0.conf file by removing the //password=""// line. | ||
| + | -from the command line enter //wpa_cli -p /var/run/wpa_supplicant-wlan0// (change wlan0 to your interface as necessary) | ||
| + | This will bring up the wpa command line interface. This is necessary because the command line interface receives the OTP query from the wpa_supplicant. | ||
| + | -First, reload the modified wpa supplicant configuration file by type //reconfigure// in the wpa_cli interactive prompt. | ||
| + | -Then, type //reassociate// | ||
| + | -After a few seconds you should receive a prompt to enter your one time pin. | ||
| + | -If you have more than one interface on which the wpa supplicant is running determine the //id// of the desired interface by typing //status// at the wpa_cli prompt. If you have only one interface it has id=0 | ||
| + | -At the wpa_cli prompt type //otp 0 your_password_here// | ||
| + | -If you are lucky and have been a good boy (or girl) you will receive a message saying that you have been authenticated and the interface is connected. | ||
| + | -You may now quit wpa_cli | ||
| + | -Continue with whatever else you were up to. | ||
doc/howto/clientmode.1354203415.txt.bz2 · Last modified: 2012/11/29 16:36 by uvray313