Network hackerspace Strassen
m (add ssl certificates for WiFi) |
Prometheus (Talk | contribs) |
||
Line 60: | Line 60: | ||
* iphone has to be configured using their enterprise desktop app (free download IIRC)<br> | * iphone has to be configured using their enterprise desktop app (free download IIRC)<br> | ||
* Android works fine with v1.6+<br> | * Android works fine with v1.6+<br> | ||
− | * Symbian | + | * Symbian works fine<br> |
+ | * Maemo OS works fine<br> | ||
=== WICD template === | === WICD template === | ||
Line 68: | Line 69: | ||
<pre> | <pre> | ||
name = EAP-TTLS | name = EAP-TTLS | ||
− | author = | + | author = username |
version = 1 | version = 1 | ||
require identity *Identity password *Password auth *Authentication | require identity *Identity password *Password auth *Authentication |
Revision as of 13:19, 3 August 2010
This page hosts details on our internal network, wired as well as wireless.
Contents |
Overview
Every hackerspace has a network to connect to the Internets, so does syn2cat
Bring your laptop or use one of the available PCs, plug it in and off you go. There's also wireless LAN available.
Layout
Here's the current layout in fancy ASCII art.
DSL -- thomson -- Lusitania -- miniswitch == wall ports in ADHS rooms | | 3com == wall ports in syn2cat rooms | || | || | OpenDuino, switches | dd-wrt .... dd-wrt -- photoborg || || HPprinter
Legend:
* -- single cable * == more than one cable * ... wlan cable
IP
We provide both IPv4 and IPv6 connectivity in the hackerspace.
Wireless
We have two access points (APs).
One of them operates in WPA2-Enterprise mode, the other in WPA2-Personal.
The WPA2-Personal AP uses the formerly published pre-shared-password (you can find it in the space).
The WPA2-Enterprise AP uses a radius server for authenticating users with their WIKI account.
Only paying sy2cat members are able to use their WIKI login to access this AP.
Use the following settings:
Security: WPA2 Enterprise
Authentication: Tunneled TLS (TTLS)
Inner authentication: PAP
Username: <wiki-user>
Password: <wiki-password>
Be sure to use exactly those settings, else it will not work.
SSL certificates
https://www.hackerspace.lu/certs/lusitania.der
https://www.hackerspace.lu/certs/lusitania.pem
OS compatibility
- Linux works out of the box
- Windows users will have to resort to some third-party software (wpa_supplicant, securew2, intel driver...) as m$ decided to not implement any other standard protocol besides their own.
- OSX works out of the box
- iphone has to be configured using their enterprise desktop app (free download IIRC)
- Android works fine with v1.6+
- Symbian works fine
- Maemo OS works fine
WICD template
Save this as "/etc/wicd/encryption/templates/eap-ttls" and add the filename to "/etc/wicd/encryption/templates/active".
name = EAP-TTLS author = username version = 1 require identity *Identity password *Password auth *Authentication ----- ctrl_interface=/var/run/wpa_supplicant network={ ssid="$_ESSID" scan_ssid=$_SCAN eap=TTLS key_mgmt=WPA-EAP identity="$_IDENTITY" password="$_PASSWORD" phase2="auth=$_AUTH" }
Dev Links
- http://en.wikipedia.org/wiki/Extensible_Authentication_Protocol
- http://en.wikipedia.org/wiki/Protected_Extensible_Authentication_Protocol
- http://tldp.org/HOWTO/8021X-HOWTO/freeradius.html
- http://wiki.freeradius.org/WPA_HOWTO
- http://wiki.freeradius.org/SQL_HOWTO
- http://www.dslreports.com/forum/remark,9286052~mode=flat
- http://ubuntuforums.org/showthread.php?t=478804
- http://www.mail-archive.com/freeradius-users@lists.freeradius.org/msg18906.html
- http://wiki.freeradius.org/Modules
- http://www.mail-archive.com/freeradius-users@lists.cistron.nl/msg14674.html
- http://svn.dd-wrt.com:8000/dd-wrt/browser/src/router/freeradius/src/modules/rlm_python/prepaid.py