Esta página está en inglés, porqué puede ser útil en general. Cuando tenga un poquito de tiempo haré una versión en castellano (o a lo mejor puede hacerla alguien de Linux entre Comillas.
This page explain how I managed to connect to the University wireless network, which is a IEEE802.1x network using PEAP and MSCHAPv2 protocols for authentication. I use a RTL8180-based cheap 802.11b PCMCIA card, on a Sony laptop with a recent Mandrakelinux distribution. So, if you have different setups, some command/location of file may change.
Moreover, this explain a quite manual procedure. It can be made more user-friendly for sure, integrating it in the general structure of your distribution. I have no time to hack this part.
Standard disclaimer: this one works for me. I will have no responsibility on the effects that this procedure could have on your hardware, software, time or environment...
- The software you need.
Basically, you need a wireless hardware and the corresponding software driver able to support dynamic WEP keys.
To know if you have a wireless interface set up, issue the command:
iwconfigand if you have an interface with wireless extension, it will appear like this:lo no wireless extensions. eth0 no wireless extensions. eth1 no wireless extensions. wlan0 IEEE 802.11b ESSID:"upco_wlan" Mode:Managed Frequency:2.442GHz Access Point: 00:11:5C:6B:90:E0 Bit Rate:11Mb/s Tx-Power:20 dBm Sensitivity=0/3 RTS thr:2432 B Fragment thr:2432 B Power Management:off Link Quality:100/100 Signal level:-61 dBm Noise level:-256 dBm Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0 Tx excessive retries:0 Invalid misc:0 Missed beacon:0- For my card there is no native Linux driver, so that I use the ndiswrapper driver (thanks to Giridhar Pemmasani), which enable Linux to use Windows XP NDIS network drivers. I am using now release 1.1 which works perfectly out of the box.
- If you want to use the release 1.0 you need this additional patch that enables compatibility with the Cisco AP (Access Points) we have here. Notice that this patch is a bad hack; better use official ndiswrapper releases. Please notice, too, that with older release of this driver the connection is not going to work; unfortunately, almost all current Linux distribution ships a very old (0.8 or earlier) release.
Do not ask me for installation instruction; there is a very nice wiki page which should have all the answers.
- Then you need a supplicant, for example wpa_supplicant (thanks to Jouni Malinen). I use release 0.3.8 with this configuration file as
.config. (0.3.6 works too). Again, instructions on compiling and installing thewpa_supplicantcome with the package.- Next, to test the setup, I did a very strange hack: I disabled the network start from hotplug script, which went all the time into the way. I edited
/etc/hotplug/net.agentand added near the top:mesg "Romano hack: do not hotplug network!" exit 1which is a bit rude but hey... when I'll find out how automate all, I'll report here.- Next step: write a
/etc/wpa_supplicant.confthat suits you. For example:eapol_version=1 ap_scan=1 network={ ssid="upco_wlan" key_mgmt=IEEE8021X eap=PEAP identity="alumnos\romano" password="your-nice-pass-here" phase2="auth=MSCHAPV2" }In this file, the identity is composed by what here is called domain and username in Windows jargon, separated by a backslash.- Ready to go! Now load the interface driver if necessary (in my case with
modprobe ndiswrapper, "up" the interface withifconfig wlan0 up, and run the supplicant:# ./wpa_supplicant -Dndiswrapper -iwlan0 -c/etc/wpa_supplicant.conf Trying to associate with 00:11:5c:6b:90:e0 (SSID='upco_wlan' freq=2442 MHz) Associated with 00:11:5c:6b:90:e0 EAP-MSCHAPV2: Authentication succeeded EAP-TLV: TLV Result - Success - EAP-TLV/Phase2 CompletedNote that the command is just the first line...- If authentication is gone well, you just have to ask an IP to enter the network; in Mandrakelinux you use
dhclient, others havepump:# dhclient wlan0 Internet Systems Consortium DHCP Client V3.0.1rc14 Copyright 2004 Internet Systems Consortium. All rights reserved. For info, please visit http://www.isc.org/products/DHCP Listening on LPF/wlan0/00:0b:9d:00:b2:6e Sending on LPF/wlan0/00:0b:9d:00:b2:6e Sending on Socket/fallback DHCPREQUEST on wlan0 to 255.255.255.255 port 67 DHCPACK from 172.20.200.1 bound to 172.20.200.6 -- renewal in 11227 seconds.- It's all. Now you are on air. Congratulations!!!
- To automate it all, you can use this two scripts to start and, respectively, stop the connection:
- To start:
#! /bin/bash -x # modprobe ndiswrapper ifconfig wlan0 allmulti up wpa_supplicant -Dndiswrapper -iwlan0 -c /etc/wpa_supplicant.conf -Bw sleep 1 dhclient wlan0- To stop:
#! /bin/bash -x # killall wpa_supplicant killall dhclient ifconfig wlan0 down rmmod ndiswrapper
Accessed times from .
