Differences
This shows you the differences between two versions of the page.
|
doc:howto:clientmode [2013/01/28 18:36] hrebec Added instruction for connecting with WPA2 Enterprise PEAP-GET Security |
doc:howto:clientmode [2013/01/28 18:40] (current) hrebec |
||
|---|---|---|---|
| Line 158: | Line 158: | ||
| ===== Client Mode with WPA2 Enterprise PEAP-GTC Authentication ===== | ===== Client Mode with WPA2 Enterprise PEAP-GTC Authentication ===== | ||
| - | *Make sure you have the full wpa_supplicant package that support EAP/PEAP authentication. | + | -Make sure you have the full wpa_supplicant package that support EAP/PEAP authentication. |
| - | *Use UCI or modify the /etc/config/wireless file to set the following options | + | -Use UCI or modify the /etc/config/wireless file to set the following options |
| option network 'wwan' | option network 'wwan' | ||
| option device 'radio0' | option device 'radio0' | ||
| Line 170: | Line 170: | ||
| option identity 'CHANGE_THIS_TO_YOUR_ID' | option identity 'CHANGE_THIS_TO_YOUR_ID' | ||
| - | *Enter //uci commit wireless// on the command line | + | -Enter //uci commit wireless// on the command line |
| - | *Enter //wifi// on the command line | + | -Enter //wifi// on the command line |
| When the wireless configuration is committed and wifi is commanded, a wpa_supplicant-wlan0.conf (may be something besides wlan0 if you are using a different interface) file is created in the /var/run (same as /tmp/run) directory containing the necessary variables. This looks like the following | When the wireless configuration is committed and wifi is commanded, a wpa_supplicant-wlan0.conf (may be something besides wlan0 if you are using a different interface) file is created in the /var/run (same as /tmp/run) directory containing the necessary variables. This looks like the following | ||
| - | ctrl_interface=/var/run/wpa_supplicant-wlan0 | + | ctrl_interface=/var/run/wpa_supplicant-wlan0 |
| - | + | ||
| - | network={ | + | network={ |
| scan_ssid=1 | scan_ssid=1 | ||
| ssid="YOUR_SSID_HERE" | ssid="YOUR_SSID_HERE" | ||
| Line 184: | Line 184: | ||
| phase2="auth=gtc" | phase2="auth=gtc" | ||
| identity="YOUR_ID_HERE" | identity="YOUR_ID_HERE" | ||
| - | password="" | + | password="" <----delete this line and save the file |
| - | } | + | } |
| There is a bug that prevents PEAP-GTC from working. Because no password was specified in the wireless configuration file, uci translated this to password="" in the wpa_supplicant conf file, when the time comes to enter your OTP (one time pin) you will not get the prompt because wpa_supplicant accepts "" as a valid null password. | There is a bug that prevents PEAP-GTC from working. Because no password was specified in the wireless configuration file, uci translated this to password="" in the wpa_supplicant conf file, when the time comes to enter your OTP (one time pin) you will not get the prompt because wpa_supplicant accepts "" as a valid null password. | ||
| - | *edit the wpa_supplicant-wlan0.conf file by removing the //password=""// line. | + | -edit the wpa_supplicant-wlan0.conf file by removing the //password=""// line. |
| - | *from the command line enter //wpa_cli -p /var/run/wpa_supplicant-wlan0// (change wlan0 to your interface as necessary) | + | -from the command line enter //wpa_cli -p /var/run/wpa_supplicant-wlan0// (change wlan0 to your interface as necessary) |
| This will bring up the wpa command line interface. This is necessary because the command line interface receives the OTP query from the wpa_supplicant. | This will bring up the wpa command line interface. This is necessary because the command line interface receives the OTP query from the wpa_supplicant. | ||
| - | *First, reload the modified wpa supplicant configuration file by type //reconfigure// in the wpa_cli interactive prompt. | + | -First, reload the modified wpa supplicant configuration file by type //reconfigure// in the wpa_cli interactive prompt. |
| - | *Then, type //reassociate// | + | -Then, type //reassociate// |
| - | *After a few seconds you should receive a prompt to enter your one time pin. | + | -After a few seconds you should receive a prompt to enter your one time pin. |
| - | *If you have more than one interface on which the wpa supplicant is running determine the //id// of the desired interface by typing //status// at the wpa_cli prompt. If you have only one interface it has id=0 | + | -If you have more than one interface on which the wpa supplicant is running determine the //id// of the desired interface by typing //status// at the wpa_cli prompt. If you have only one interface it has id=0 |
| - | *At the wpa_cli prompt type //otp 0 your_password_here// | + | -At the wpa_cli prompt type //otp 0 your_password_here// |
| - | *If you are lucky and have been a good boy (or girl) you will receive a message saying that you have been authenticated and the interface is connected. | + | -If you are lucky and have been a good boy (or girl) you will receive a message saying that you have been authenticated and the interface is connected. |
| - | *You may now quit wpa_cli | + | -You may now quit wpa_cli |
| - | *Continue with whatever else you were up to. | + | -Continue with whatever else you were up to. |
| - | + | ||
| - | + | ||
| - | + | ||
doc/howto/clientmode.txt · Last modified: 2013/01/28 18:40 by hrebec