WPA Wireless Installation

Please note that due to the widely varying nature of Linux distributions, we cannot fully support wireless under Linux. The directions offered here are provided on an AS-IS basis. These instructions are based purely on use of the underlying tools, and ignore any potential capabilities of or problems with distributions specific management programs.

In particular, recent versions of the NetworkManager utility have been reported to be capable of configuring wireless appropriately. If your distribution includes this support, we recommend you attempt using that before falling back to these directions. The NetworkManager directions are available here.

Requirements:

• Linux distribution
• WPA2 compliant wireless card (Wi-Fi Certified)
• Linux driver that supports WPA2 on your wireless card
• wpa_supplicant Many Linux distributions ship with this utility already, so check before downloading separately
• Date and time set correctly

NOTE - Your wireless card needs to be registered through WPI Network Registration (http://netreg.wpi.edu/) prior to working on the WPI Wireless Network.

Setup of WPI Wireless Network

1. Make sure your computer's clock is set to the correct date and time.
2. Find your Linux system's wireless MAC address.
3. Make sure your Linux system's wireless MAC address is registered through WPI Network Registration.
4. Wait 30 minutes for your registration to become active.
5. Install wpa_supplicant. There is a list of supported cards and driver combinations on the wpa_supplicant page.
6. Using a Mac or PC that is already on the Internet, browse to the WPI Wireless Networking Certificate Files secure download page.
7. Log in using your CCC account.
8. Download the Wireless User and Network Operations CA files from the Linux section and make a note of the Wireless User Certificate Password at the top of the page which is needed to unlock the certificate file.
9. Copy the two certificate files to a convenient location for storing certificates, such as /etc/pki/tls/certs.
10. Configure /etc/wpa_supplicant.conf as follows, filling in the proper paths to the downloaded certificate files and entering the Wireless User Certificate Password from above. Substitute the years during which the certificate is valid for the 'XX-XX' portion of the identity value, i.e. "07-08".
    

    network={
    	ssid="WPI-Wireless"
    	key_mgmt=WPA-EAP
    	pairwise=CCMP
    	group=CCMP
    	eap=TLS
    	identity="Wireless User XX-XX"
    	ca_cert="/etc/pki/tls/certs/netops-ca.pem"
    	client_cert="/etc/pki/tls/certs/Wireless-User.pem"
    	private_key="/etc/pki/tls/certs/Wireless-User.pem"
    	private_key_passwd="the Wireless User Certificate Password from the download page"
    }
                    

11. Protect the security of the wireless network by making the configuration and Wireless User certificate files only readable by root:
    

    chown root:root /etc/wpa_supplicant.conf /etc/pki/tls/certs/Wireless-User.pem
    chmod 600 /etc/wpa_supplicant.conf /etc/pki/tls/certs/Wireless-User.pem
                    

12. Start wpa_supplicant with the configuration file and wireless network interface name. You may also need to pass the driver type, e.g.:
    

    wpa_supplicant -c /etc/wpa_supplicant.conf -i ath0 -D madwifi
    		

    The output from wpa_supplicant should look something like this:

    l2_packet_receive - recv: Network is down
    Trying to associate with 00:0b:0e:0f:87:41 (SSID='WPI-Wireless' freq=5180 MHz)
    Associated with 00:0b:0e:0f:87:41
    WPA: Key negotiation completed with 00:0b:0e:0f:87:41
    		

13. Start your DHCP client on the wireless network interface, e.g.:
    

    /sbin/dhclient ath0
    		

Your computer should now be connected to the WPI-Wireless network.