[plug] eduroam network

William Kenworthy billk at iinet.net.au
Fri Mar 6 19:58:57 AWST 2020 

On 6/3/20 6:59 pm, Brad Campbell wrote:
> On 3/3/20 11:31, Brad Campbell wrote:
>> On 2/3/20 10:11, William Kenworthy wrote:
>>> Lots of experience, but I normally remove NM and do wifi networking 
>>> manually - less hassles that way!
>>>
>>> eduraom itself doesn't do the authentication - its the local node 
>>> that connects you to the eduroam network so thats where you need to 
>>> start - there are a lot of ways different host institutions do it so 
>>> there is no "one way"
>>>
>>> This is Murdoch Uni's way from when I taught there last year - other 
>>> institutions I have used ranged from open, wep through to having 
>>> weird options!:
>>>
>>> network={
>>>          # Murdoch University EDUROAM
>>>          ssid="eduroam"
>>>          scan_ssid=0
>>>          proto=RSN
>>>          key_mgmt=WPA-EAP
>>>          eap=PEAP
>>>          identity="staff_no at murdoch.edu.au"
>>>          password="yaddayadda"
>>>          phase2="auth=MSCHAPV2"
>>>          priority=0
>>> }
>>>
>>
>> Well, that was easy!
>> Put that in a config file with my credentials, ran wpa_supplicant 
>> from the command line and then had to run dhclient manually to pick 
>> up an address & gateway.
>>
>
>
> So a little bit trickier to set up on openwrt.
>
> /etc/config/wireless needs a bit of manual fettling to get it to work. 
> Luci appears to pretend to know what to do but only after you've 
> already set it up manually.
> The default wpa_supplicant does not understand the enterprise stuff, 
> so need to remove wpad-basic and replace it with wpad.
>
> Actually now I think about it, perhaps replacing wpad brought Luci up 
> to speed. It's working and I'm not game to experiment to find out.
>
> At the end of the day it works well. So I have a usb wifi dongle 
> plugged into a netgear WNDR3700. The usb dongle is a client on the 
> eduroam network which is then masqueraded to the 2.4G & 5G native 
> interfaces on the unit. That allows things like an Amazon privacy 
> thief, oops I mean Firestick to use the eduroam data whereas there was 
> no way it was going to authenticate on the eduroam network natively.
>
> Brad

I use a raspberry pi 3B for that - runs a custom gentoo install setup to 
connect to a wifi connection protected by a shorewall firewall , and 
offers a standard hostapd wpa2 for my wifi access - good when 
traveling.  I use an android phone to analyse where I want to connect 
to, then connect to the pi, ssh in and configure it.  I was going to 
automate it through a web interface but vi works so I have not got 
around to it.

BillK

More information about the plug mailing list