Netwerk draadloos handleidinglinux

From Cncz
Revision as of 11:22, 15 November 2007 by Polman (talk | contribs)
Jump to: navigation, search

Handleiding Linux

Wireless Installation Manual for Linux

  1. Certificate:
    Until early 2007 one had to import the C&CZ root-certificate. This is no longer necessary, because C&CZ bought though SURFnet a GlobalSign certificate, which is trusted normally (with Certificate Authority "GTE CyberTrust Global Root").
  2. wpa_supplicant settings:

    The following works with Ubuntu-dapper with gnome, and network-manager and wpasupplicant installed. (sudo apt-get install wpasupplicant network-manager network-manager-gnome). I assume it also works for KDE, etc. In the task bar you will see an applet for the network on the right side. Click on the icon, then the available wireless networks will appear. Click on 'Science'. You will get a form. Fill in the following fields:
Wireless security: WPA-enterprise
EAP method: PEAP
Key-type: automatic
Identity: (FNWI username)
Password: (FNWI password)
CA certificate file: browse to cacert.crt, or where the standard certificate bundle may be on your computer.

Click: Login to network. Wait a moment and the connection will be established.
If that doesn't work you can make a file wpa_supplicant.conf with the contents:

  ca_cert="/etc/certs/ca.pem or where the standard certificate bundle may be on your computer"
# priority=10

Change in this file username and password to your own username and password. Move this file to the directory where network script can be found (for SUSE this is /etc/sysconfig/network, for Ubuntu it is /etc/network). Add the next line to your ifcfg file for your wireless interface. Of course you have to change the directory if you don't use SUSE.
  1. Ubuntu Gutsy Gibbon:

If you are a Ubuntu 7.10/Gutsy Gibbon user there are some differences that could lead to trouble. First, the wpa_supplicant.conf file is in a different location, hard to find if you have little experience looking for it:


The contents of the file are identical, with the exception of the directories where the certificate/pem files are located: The ssl certificates are to be found here:


This directory actually contains symlinks only, linking to this directory:


The /etc/ssl/certs directory also contains hashes of the pem files linked to. These hashes link to the pemfiles. Use this command to update all hashes, for example when you added a new pem file or deleted the hashes:

c_rehash ./

When you want to check wether everything is functioning properly you can use the following commands:

/sbin/wpa_supplicant -i<interface> -c<configfile>


/sbin/wpa_supplicant -ieth1 -c/etc/network/wpa_supplicant.conf

This will generate a large amount of output, make sure to terminate the program in time using CTRL-C to keep things readable. The output will most likely contain usefull hints about the problems. When the output tells you that a certain certificate cannot be verified, most likely you are missing a certificate or an in-between-certificate.

First, check you have the following certificates:


You should already have the first two, the last one can be found here: or or

You need all three.

  1. Making a connection:
ifup eth1


root@localhost# ifconfig eth1 up

Replace eth1 with your own interface designation/number

  1. Debugging

When you are having trouble with the Science wireless connection you can use the following tools/commands to retrieve additional information which could help you:

NetworkManager -DD

Generates lots of output, usefull though.

wpa_supplicant -i<iface> -c<cfgfile>

Again, output output output


Displays the status of the NetworkManager managed devices, including wireless devices and extensions.

When the network applet in your gnome/kde tray dies, you can re-invoke it via the Run command.. menu:


Succes!/Good Luck!