[YLUG] Setting up wireless with wpa_supplicant and eduroam

[Gavin Atkinson]

On Sun, 2010-01-17 at 14:43 +0000, Roger Leigh wrote:
> Hi folks,
> 
> Has anyone successfully connected to the York University "eduroam"
> wireless network using wpa_supplicant?  (i.e. /not/ the excreable
> NetworkManager.)  I'm just not getting a lease, so I'm presumably
> missing some crucial item in wpa_supplicant.conf.  The CompServ
> example assumes the use of NetworkManager, and I'm not sure
> exactly how the GUI settings map onto the actual configuration
> file key-value pairs.
> 
> # WPA2-EAP/CCMP using EAP-TLS
> 
> ctrl_interface=/var/run/wpa_supplicant
> 
> network={
>         ssid="eduroam"
>         key_mgmt=WPA-EAP WPA-EAP2
>         proto=WPA2
>         pairwise=CCMP
>         group=CCMP
>         eap=TLS
>         ca_cert="/etc/ssl/certs/Equifax_Secure_CA.pem"
>         identity=rl522
>         password=••••••••••
> }

I use it all the time, it works well with the following:

ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=wheel

network={
        ssid="eduroam"
        scan_ssid=1
        auth_alg=OPEN
        key_mgmt=WPA-EAP
        proto=WPA
        pairwise=TKIP
        group=TKIP
        eap=PEAP
        ca_cert="/etc/certs/Equifax.pem"
        identity="ga9 at york.ac.uk"
        phase2="auth=MSCHAPV2"
        priority=1
        eapol_flags=3
        password="XXXXXXXXX"
}

Although some of the options may not be necessary at York, I've not had
any issues roaming to other universities either with the above.  I'm
using wpa_supplicant v0.6.8 on FreeBSD, but I doubt that makes any
difference.

Gavin