# wpa_supplicant and University Wi-Fi



## SirSkidmore (Dec 4, 2013)

Hello! I have had a long interest in migrating from Linux to [Free? -- mod.]BSD, and just recently took the plunge, but I'm running into some issues with my networking. I attend Indiana University, which has specific instructions on how to connect with Linux here: http://kb.iu.edu/data/axsu.html. I downloaded the Thawte certificates and set up my configuration file (I've checked and double checked, I'll of paths and such are correct):


```
network={
    ssid="IU Secure"
    key_mgmt=WPA-EAP
    eap=PEAP
    identity="myuser"
    password="password"
    ca_cert="/path/to/downloaded/cert"
}
```

If anyone here has any suggestions on how to correctly set my networking preferences, I would be greatly appreciative. I figured there would be some clues in the Linux help site, which gave me the outline for my configuration. 

Thanks,
Taylor


----------



## fonz (Dec 4, 2013)

A university that only provides WLAN instructions for Windows, Mac and Linux while you're on FreeBSD, eh? That sounds awfully familiar. I'll dig out the setup I used at my old university and report back tomorrow (that would be tomorrow in Western European time) if I find anything interesting that might be of help.


----------



## SirSkidmore (Dec 4, 2013)

fonz said:
			
		

> A university that only provides WLAN instructions for Windows, Mac and Linux while you're on FreeBSD, eh? That sounds awfully familiar. I'll dig out the setup I used at my old university and report back tomorrow if I find anything interesting.



Great, thank you very much! Yeah, and that article is as much Linux "support" as they offer. They won't help any more than that, not that the student-led team could offer any more help. When I mentioned Linux to one of the supervisors, he didn't even know what it was.


----------



## kpedersen (Dec 10, 2013)

If they did actually provide proper Linux instructions, then the fact that both Linux and FreeBSD typically use wpa_supplicant, that would still be useful.

It is the fact that by Linux instructions, they really mean GUI Ubuntu Network Manager instructions which is not only useless for FreeBSD, but will probably also be useless in the next revision of Ubuntu's network manager.

I was in the same position at my university (and still am when I come in to give the occasional OpenGL lecture)... I just bring a LAN cable with me and plug it in place of the existing computer


----------



## fonz (Dec 10, 2013)

Sorry it took so long to get back to you! I've been rather busy lately and the new forum software here doesn't make it easy to keep track of which threads I have or haven't participated in.

Anyway, as @kpedersen said, the instructions given by your university apply to a graphical configuration tool that comes with Ubuntu. With FreeBSD you need to set up a /etc/wpa_supplicant.conf file manually. Here's what the relevant part of that file looked like on my netbook when I was still at Twente University:

```
network={
  ssid="eduroam"
  key_mgmt=WPA-EAP IEEE8021X
  eap=TTLS
  identity="***username***@utwente.nl"
  anonymous_identity="***username***@utwente.nl"
  password="***something*secret*here***"
  ca_cert="/usr/local/share/certs/eduroam.pem"
  phase2="auth=PAP"
}
```
Getting the configuration just right for you may require a considerable amount of trial and error (wpa_supplicant(8) can be really fussy that way). If at all possible, I think the easiest solution is to find a fellow student (or staff member) who has WLAN connectivity configured on Ubuntu and ask if they can show you their resultant wpa_supplicant.conf file (with their username and password censored, of course).


----------



## eatonphil (Nov 25, 2015)

I found this thread useful for configuring eduroam access on my laptop. However, I had to make a few slight modifications.

At first, my wpa_supplicant entry looked like this:


```
network={
        ssid="eduroam"
        scan_ssid=1
        key_mgmt=WPA-EAP
        eap=PEAP
        phase1="peaplabel=0"
        phase2="auth=MSCHAPV2"
        identity=""
        password=""
}
```

This was connecting briefly and I could ping 8.8.8.8, but then I lost that ability even though I was still connected to eduroam. I happened to be dual-booting Ubuntu, so I popped into Ubuntu (which was able to connect to eduroam) and took a look at /etc/NetworkManager/system-connects/eduroam.

In this file I saw that there was no phase1 entry, there was a new entry "auth-alg=open", and eap was set to TTLS, not PEAP. I made these changes in my wpa_supplicant and was able to successfully connect to eduroam on FreeBSD.

Here is the final wpa_supplicant:


```
network={
        ssid="eduroam"
        scan_ssid=1
        key_mgmt=WPA-EAP
        eap=TTLS
        phase2="auth=MSCHAPV2"
        auth_alg=OPEN
        identity=""
        password=""
}
```


----------

