Network hackerspace Strassen
m (→Layout) |
m (→Wireless: PEAP) |
||
Line 55: | Line 55: | ||
Password: <wiki-password><br> | Password: <wiki-password><br> | ||
<br> | <br> | ||
+ | or | ||
+ | <br> | ||
+ | <br> | ||
+ | Security: WPA2 Enterprise<br> | ||
+ | Authentication: PEAP<br> | ||
+ | Inner authentication: MSCHAPv2<br> | ||
+ | Username: <syn2cat-user><br> | ||
+ | Password: <syn2cat-password><br> | ||
+ | |||
+ | |||
+ | |||
Be sure to use exactly those settings, else it will not work.<br> | Be sure to use exactly those settings, else it will not work.<br> | ||
+ | Note: PEAP+MSCHAPv2 will only work if you have changed your password on the syn2cat server after the 12th of October. Ask an admin for more information. | ||
=== SSL certificates === | === SSL certificates === |
Revision as of 17:29, 12 October 2010
This page hosts details on our internal network, wired as well as wireless.
Contents |
Overview
Every hackerspace has a network to connect to the Internets, so does syn2cat
Bring your laptop or use one of the available PCs, plug it in and off you go. There's also wireless LAN available.
Layout
Here's the current layout in fancy ASCII art.
DSL -- thomson -- Lusitania :::: miniswitch == wall ports in ADHS rooms || || 3com Rack " " " " 3com Core == wall ports in syn2cat rooms | || | || | OpenDuino, switches | dd-wrt .... dd-wrt -- photoborg || || HPprinter
Legend:
* -- single cable * == more than one cable * "" fiber trunk * ::: VLAN * ... wlan cable
IP
We provide both IPv4 and IPv6 connectivity in the hackerspace.
Wireless
We have two access points (APs).
One of them operates in WPA2-Enterprise mode, the other in WPA2-Personal.
The WPA2-Personal AP uses the formerly published pre-shared-password (you can find it in the space).
The WPA2-Enterprise AP uses a radius server for authenticating users with their WIKI account.
Only paying sy2cat members are able to use their WIKI login to access this AP.
Use the following settings:
Security: WPA2 Enterprise
Authentication: Tunneled TLS (TTLS)
Inner authentication: PAP
Username: <wiki-user>
Password: <wiki-password>
or
Security: WPA2 Enterprise
Authentication: PEAP
Inner authentication: MSCHAPv2
Username: <syn2cat-user>
Password: <syn2cat-password>
Be sure to use exactly those settings, else it will not work.
Note: PEAP+MSCHAPv2 will only work if you have changed your password on the syn2cat server after the 12th of October. Ask an admin for more information.
SSL certificates
https://www.hackerspace.lu/certs/lusitania.der
https://www.hackerspace.lu/certs/lusitania.pem
OS compatibility
- Linux works out of the box
- Windows users will have to resort to some third-party software (wpa_supplicant, securew2, intel driver...) as m$ decided to not implement any other standard protocol besides their own.
- OSX works out of the box
- iphone has to be configured using their enterprise desktop app (free download IIRC)
- Android works fine with v1.6+
- Symbian works fine
- Maemo OS works fine
WICD template
Save this as "/etc/wicd/encryption/templates/eap-ttls" and add the filename to "/etc/wicd/encryption/templates/active".
name = EAP-TTLS author = username version = 1 require identity *Identity password *Password auth *Authentication ----- ctrl_interface=/var/run/wpa_supplicant network={ ssid="$_ESSID" scan_ssid=$_SCAN eap=TTLS key_mgmt=WPA-EAP identity="$_IDENTITY" password="$_PASSWORD" phase2="auth=$_AUTH" }
Dev Links
- http://en.wikipedia.org/wiki/Extensible_Authentication_Protocol
- http://en.wikipedia.org/wiki/Protected_Extensible_Authentication_Protocol
- http://tldp.org/HOWTO/8021X-HOWTO/freeradius.html
- http://wiki.freeradius.org/WPA_HOWTO
- http://wiki.freeradius.org/SQL_HOWTO
- http://www.dslreports.com/forum/remark,9286052~mode=flat
- http://ubuntuforums.org/showthread.php?t=478804
- http://www.mail-archive.com/freeradius-users@lists.freeradius.org/msg18906.html
- http://wiki.freeradius.org/Modules
- http://www.mail-archive.com/freeradius-users@lists.cistron.nl/msg14674.html
- http://svn.dd-wrt.com:8000/dd-wrt/browser/src/router/freeradius/src/modules/rlm_python/prepaid.py