[Q]How to use University WPA2 Enterprise Wi-Fi? - Desire Q&A, Help & Troubleshooting

Hello fellow XDA users,
I've tried to connect to my universities Wi-fi network but they use WPA2 Enterprise. They have a page for the Iphone on how to set up the connection, http://itdfaq.aus.edu/faq/index.php?action=artikel&cat=5&id=159&artlang=en.
However I can't seem to find the same exact settings on my Desire.
Can you help me connect to my network?
I am using Sense Froyo right now, any help is really appreciated!

Don't think you can connect to that type or network with the Desire, might be wrong though

EddyOS said:
Don't think you can connect to that type or network with the Desire, might be wrong though
Click to expand...
Click to collapse
I really hope it's not true. Because we have a high end phone & because the Iphone can do it.

Hmm here WPA2 Radius Auth. is working fine out of the box with Open Desire ... also Stock unrooted is working fine.
Radius is working fine, even VPN. As fast as with an Iphone! ;-) (a little bit faster ... no benchmark, personal feelings )
You need the Username and Password and some auth settings (can also be done with testing), thats all ... perhaps the admin uses an cert., so you have to ask for one ... but i dont think that you will need an Cert ... too much admin work for so many students ;-)

I don't see why you wouldn't be able to use WPA2. However, many universities and schools use SecureW2 or similar software for authentication. Just pay a visit to your university's helpdesk.

philJ said:
Hmm here WPA2 Radius Auth. is working fine out of the box with Open Desire ... also Stock unrooted is working fine.
Radius is working fine, even VPN. As fast as with an Iphone! ;-) (a little bit faster ... no benchmark, personal feelings )
You need the Username and Password and some auth settings (can also be done with testing), thats all ... perhaps the admin uses an cert., so you have to ask for one ... but i dont think that you will need an Cert ... too much admin work for so many students ;-)
Click to expand...
Click to collapse
I have zero understanding about networking. So can you please take a look at this and help me understand: http://itdfaq.aus.edu/faq/index.php?action=artikel&cat=5&id=19&artlang=en
Thank you.

My university uses a WPA2 Enterprise secured wireless network and the good news is that I was able to connect with my stock HTC Desire. The bad news is of course that it isn't as simple as it should be.
What I did was reset my phone's so called Credential Storage and assign a new personal password to it. Then I proceeded to identify some specific Root Certificate Authority certificate needed to establish a connection between a random device and the university networks in my country. In Switzerland, I had to download the QuoVadis Root CA2 certificate and install it into the Credential Storage. After that, the phone determined after connecting to the secured network what parameters were necessary to get internet access.
I was able to simply specify my account and password and link those parameters to that network. Since then, everything works as expected.

/rant/ said:
My university uses a WPA2 Enterprise secured wireless network and the good news is that I was able to connect with my stock HTC Desire. The bad news is of course that it isn't as simple as it should be.
What I did was reset my phone's so called Credential Storage and assign a new personal password to it. Then I proceeded to identify some specific Root Certificate Authority certificate needed to establish a connection between a random device and the university networks in my country. In Switzerland, I had to download the QuoVadis Root CA2 certificate and install it into the Credential Storage. After that, the phone determined after connecting to the secured network what parameters were necessary to get internet access.
I was able to simply specify my account and password and link those parameters to that network. Since then, everything works as expected.
Click to expand...
Click to collapse
So I need to download the .cert file and install it through the credentials storage. I will try that and report, thank you guys.

I use WPA2 Enterprise at uni all the time, and it downloaded the certificate upon first connect. Requires secure credentials to be enabled, but i think if its disabled it will prompt you at the time.

There are different Settings in your Link (first page) and the xp infos on the site. ... i thought that the following infos will do it for you.
Download the cert to sd
Add an connection (manually)
Network name: AUS_Wireless (makes sure it is typed exactly this way)
Security type: 802.1x
PEAP / EAP
Encryption type: WPA/TKIP
Leave the security key field empty
User name: b000xxxxx/g000xxxxx (without adding @aus.edu)
Enter your network password (provided by IT via email)
Now you should be able to connect.

I did it.
A weird thing happened. I connected to the network and this time I was asked to add a password for the credential. So it seems that my phone downloaded it this time and saved it.
Thank you guys for your help.

Related

Wi-Fi security issue - IMPORTANT! please help

As a wifier with a pda2k , how does one know if he has been discovered by the network owner and in addition , where he has gone , not to mention the pda's security . My files can't be looked at can they? I need serious security assistance . My personal data may have allready been compromised! Damn .
Thank you.
(I'll just wait here on a secure network till I can secure my 'lil unit
Treat your PPC as if it were a portable computer running on celeron. As of the moment I can only recall maybe 4 known viri for Windows Mobile. If you are an avid WiFi'er as I am, try to browse your unit from your desptop pc without activesync activated. You might want to port scan the PPC as well. I run an FTP and web server on my unit (for my own purposes), and I have never had any files compromised unless I allow it. If you are really that peranoid, encrypt the files you don't want read without your permission.
Well I'm a Mac guy so browsing on a desktop won't happen. I just need to be able to surf annomously and not have the network owner view me or my files.
The netwqork admin will always know you are using the router because the wifi router assigns you an IP address. No getting around that. But it will be highly unlikely that he can access your unit resources unless you have a backdoor trojan running on your unit. If you don't know, google up "antivirus scanner for pocket pc", and install it.
Hey MACGUY have you seen PocketMAC? It could be useful!
SORRY i didnt mean to hijack your thread!
NOMADMAN - you said your are a wifi junky - How do I surf the net from my MDA3 using WIFI. Is appears that I can connect to my belkin wireless router but when I open IE - No page can be displayed and then it asks me to check my settings but then all the new connection settings doesnt include wifi connectivity? HELP!
meatychi said:
...How do I surf the net from my MDA3 using WIFI....HELP!
Click to expand...
Click to collapse
The are all kinds of info already posted here mate. What I would tell you here, I and many others have already posted in the past.
nomadman said:
The netwqork admin will always know you are using the router because the wifi router assigns you an IP address. No getting around that. But it will be highly unlikely that he can access your unit resources unless you have a backdoor trojan running on your unit. If you don't know, google up "antivirus scanner for pocket pc", and install it.
Click to expand...
Click to collapse
Thanks . I installed the viri scanner and found nothing. It maybe that the open AP is being tapped by someone else as well as me , explaining the third MAC address. Can this be possible? It's a ff.ff.ff.ff.ff

WPA Enterprise

Hi guys, I need to know if a Windows Mobile 6 smartphone (e.g. htc s620) can connect to a WPA Enterprise protected network or need some extra software to do that... can someone help me?
Thanks in advance.
In theory all you should have to do is enter the details or pick it up from your list. However, I've been having problems connecting to radius connections as well.
I've followed all the settings, but it's still not working.
I'm using WPA2 AES, PEAP, and I've even downloaded the root certificate for the server.... and still it doesn't work.
Ok, thanks for the reply. Next week I'll try to use that connection (I'm away now) and see how this works even if I'm not so trustful...

How to share my pc's internet connection with my MDA Compact III??

Hey Everyone,
I have just upgraded my device to Windows Mobile 6 so I had to install Activesync 4.5 and I would like to access my pc's internet connection (which is adsl) when it is connected via USB. But when I connect my device via USB it doesn't seem to have access to internet at all even though it should be automatic as far as I know. I guess some things should be done in settings but don't know what they exactly are. Would you be so kind as to help me by writing every single step I should take to make it work?
I would also like to access my pc's net via Bluetooth but I think it's going to be more difficult to set. I have a bluetooth adapter with Bluesoleil software and I don't know what I should do to synchronize my device with pc via bluetooth using Activesync 4.5. I guess after making it work, accessing my pc's net via Bluetooth wouldn't be a big problem.
I hope you have ideas what to do.
Thank you for your help in advance!
when in settings->networking->usb to pc->enable advanced network functions is checked
and connetions->advanced->select networks is set to my work network
when ever the pda is connected to activesync using usb or bluetooth
the network which is being used is that of the pc
unless the pc is set to otherwise
Thanks for your short reply. I have done as you wrote, but it still doesn't work.
at settings->connections->connections->My work Network there are 4 things:
-Add a new modem connection
-Edit my VPN servers (I have tried to add a VPN server but didn't know the exact settings)
-Set up my proxy server
-Manage existing connections (I have also added a cellular modem connection and *99# is supposed to be dialled but I didn't do any other settings)
So I guess there are things here that should be changed. For example at VPN, what should be the name of the Server? My computer's name? and there's a part at which it requires a Username and a Password and also a Domain marked with a *. What should I write in these fields? The usernam and password that are set to connecting to the internet on my pc or something else?
I might have to check the settings of my as well, I guess. What settings should be checked on it?
Thanks in advance!!!
I might have to check the settings of my pc as well, I guess.*
Sorry I left out a word.
settings->connections->connections->advanced->select networks
dropdownbox is set to my work network
to spell it more out
It is set that way, but it still doesn't work. This is why I think I should change things either on my pc or in My Work Network settings (the 4 menu points I mentioned). But I did everything the way you wrote in your first reply and despite this fact it still doesn't work. So I'm out of idea

MAC Address Changing with every Reset?

Just updated my HD7 to the update with internet sharing. After this, I can confirm that every time I reboot my phone, I get a new mac address. Which prevents me from connecting to my MAC-address-filtered wifi. I've done it 6 times and gotten 6 unique MAC addresses.
Does this happen to anyone else's phone? HD7 specific? or all phones with internet sharing? My internet sharing is turned off.
That's strange, I've never heard of a device with a dynamic MAC address before. Does your phone have one printed under the battery?
Nope, just IMEI, SN and PN. No MAC address.
This must be related in internet sharing somehow.
silvertonesx24 said:
Does this happen to anyone else's phone? HD7 specific? or all phones with internet sharing? My internet sharing is turned off.
Click to expand...
Click to collapse
I can confirm this on my HD7.
MAC changes on every reboot.
I confirm too,i have the issue of mac adress changing every reboot
& my wifi is not visible since the update,My wifi is N and i can only see wifi G near me but not mine
hi
for me too : mac adress change after shutdown.
for time don't shutdown the phone to have same mac adress with my internet box.
htc support tell me that they will answer on monday.
but i think it's a big problem with this update...
Ben
That's a bit strange. Normally you can't change MAC's for yourself, only spoofing is possible. If WP is really changing the MAC adress with every reboot, WP needs a valid MAC adress block licensed from IEEE, otherwise it would be a violation against IEEE.
I thought mac address we're never aloud to change!?
Lol that's illegal as all hell, a dynamic mac address
Gotta be a glitch in the firmware surely? No way that's allowed. Your definitely sure it's not a dynamic IP address you're seeing?
Sent from my SGH-i917 using Board Express
ive also asked this question a couple of days ago right after applying the htc internet sharing update. and ive posted my question here (entry #38) and people provided good answers about it. hope this helps
Yes, mine also changes it's only when i read this thread and test my hd7 and i notice the changes.But I S is a breeze.
The issue is that some people assign static IPs to devices on their home networks, and this is done in most routers via MAC address coupling (MAC a always gets IP z and so forth). That way you can simply block all devices you and people in the residence do not own. I do it on all my machines for development reasons, cause I like knowing I can always use x IP address to get at a certain machine even if I turn it off or it's down for a while for repairs. The IP never changes as long as I continue to use that specific network card in the computer.
I don't know why they would do that. Perhaps for security reasons?
I have the same problem - cannot connect to my University WiFi network as the MAC address keeps on changing....
This is crazy!
They better get on that quick! They could get in a lot of **** for that
putting aside the weird WP7 behaviour for the moment...
MAC filtering is useless as a security measure. It's trivially spoofable by anyone who actually wants to attack your network, and causes a pain in the arse for yourself. do yourself a favour and disable it already. the only thing it might be good for is router-side internet access control of your technically challenged 8 year old who doesn't know how to use google.
just use a strong password i.e. 20+ characters alpha (upper & lower) + numeric + special characters, and proper wireless security (WPA-2 AES, or at least WPA AES) and you'll be just fine.
Confirming
That update was a bag full of $$$$ !Luckly I was able to restore through Zune,but my Bootloader (SPL) was also updated to 5.01 and no way of going back!
With regards to the missing WiFi network - make sure it's not using Channel 13. The new update seems to disable the use of Channel 13 for some reason.
There is also another issue with the changing MAC's - I believe that some "public" WiFi networks such as the cloud use the MAC to remember your device and allow it to connect...
primexx said:
putting aside the weird WP7 behaviour for the moment...
MAC filtering is useless as a security measure. It's trivially spoofable by anyone who actually wants to attack your network, and causes a pain in the arse for yourself. do yourself a favour and disable it already. the only thing it might be good for is router-side internet access control of your technically challenged 8 year old who doesn't know how to use google.
just use a strong password i.e. 20+ characters alpha (upper & lower) + numeric + special characters, and proper wireless security (WPA-2 AES, or at least WPA AES) and you'll be just fine.
Click to expand...
Click to collapse
Mac filtering is not useless as a security measure. It's not used by itself. It's used in conjunction with other methods, the same way businesses also hide their wireless network's SSID.
I'm not filtering on an Open Connection. That would be retarded.
Seriously...
GrahamWager said:
With regards to the missing WiFi network - make sure it's not using Channel 13. The new update seems to disable the use of Channel 13 for some reason.
There is also another issue with the changing MAC's - I believe that some "public" WiFi networks such as the cloud use the MAC to remember your device and allow it to connect...
Click to expand...
Click to collapse
im not sure though but im guessing so does other apps with secured log in parameters. i do have the bank of america app. right after i did the update, and after inluding the new mac to my networks allowed list of mac addresses, the boa app again posted a message saying that the device where im accessing boa has not been used previously to access the account. so im guessing that it saves all the mac addresses of devices that accessed a boa account.

802.1x wifi problem | galaxy gio

Hey,
I want to connect to a 802.1x security wifi network on my school, it does connect.
It sais I am connected but I can't browse the web and all my apps dont refresh either.
Is there anyway I can fix this? Maybe with some setting or change in root?
work fine on mine
I'll install cm9 as soon as I can, and see if it fixes my probs. Otherwise it could be a chipset problem, that it just doesnt support. Some other people on my school also cant connect (budget phones).
I think its weird that some devices can connect and others not, on my school, some galaxy s or galaxy ace will connect while others can't. I have cyanogenmod 7.2 with android 2.3.7! I think it should work but someway it keeps connected, so I am connected to the router, but I can't browse the net. Maybe it cant open default gateway in someway?
maybe that router is not compatible .. i have the same problem in some places..
I think it's weird some devices connect and other do not, maybe it has to due with diffrence in android versions? I use cyanogenmod 7.2, android gingerbread 2.3.7
Oi, there is so much that could be going on here...
Its an Atheros AR6003G chip, which as far as i know, supports 802.11 A/B/G/N, and hardware encryption for WEP/WPA...
Odds are, if its an 802.1x type network, the chip will do the encrypting/decrypting after the handshake is completed, provided its set up correctly. WEP and WPA are set up by using a Pre-shared Key that all users need to have... If you study how to recover the key, you'll find that the hash is created by taking the plaintext passkey, running it through the specified algorithm, then salting it with the name of the network. So long as all devices have the correct network name and the correct plaintext password, any device can connect to the network, because they'll all end up with the same hash.
802.1x encryption is different. It uses an authentication server. This makes it similar to any modern computer you log onto. You provide the computer with your credentials, and it checks it against the server. If they match, then you are allowed access. If they don't you get an error message. Which means, that if anything is broken, it won't work. If you don't use the correct authentication protocol, it won't work. If you don't have the right certificates, it won't work.
Best advice I can give is, double check everything. Make sure your Gio has the correct certificates and that its using the correct protocols. Double check your IP/Subnet Mask/Gateway addresses. If you don't have an IP address, you'll have to manually configure it. If the Subnet Mask is incorrect or the Gateway address is incorrect, it won't work either. Also, check your DNS server addresses. If those aren't correct it won't load any webpages using URLs. It will only load them using the IP address of the server. Which means, telling the browser to go to www.google.com won't work, but if you tell it to go to 173.194.67.99:80, it will load the Google homepage.
Hopefully this will give you somewhere to start...
Yes true, only problem is that static IP's dont work, otherwise I could just copy the DNS and gateway numbers from a device it does work on. It uses DHCP and I think that I have the problem you told about.I dont think our school uses certificates cause a friend of my (Galaxy S) can connect without having installed certificates or something.
I think its an hardware isue and it cant decrypt the code well, my WIFI indicator stays white, with internet acces it should turn blue or green.
runedegroot said:
Yes true, only problem is that static IP's dont work, otherwise I could just copy the DNS and gateway numbers from a device it does work on. It uses DHCP and I think that I have the problem you told about.I dont think our school uses certificates cause a friend of my (Galaxy S) can connect without having installed certificates or something.
I think its an hardware isue and it cant decrypt the code well, my WIFI indicator stays white, with internet acces it should turn blue or green.
Click to expand...
Click to collapse
What if you go to wifi settings- menu button - advanced settings- 'regulier domein' I know you are dutch, dont know how it is called in english, something like regular domain I guess.
Then set it to 11 13 or 14 try them out, fixes my wifi, also at school with 8.11x connection mode
Sent from my GT-S5660 using xda premium
runedegroot said:
Yes true, only problem is that static IP's dont work, otherwise I could just copy the DNS and gateway numbers from a device it does work on. It uses DHCP and I think that I have the problem you told about.I dont think our school uses certificates cause a friend of my (Galaxy S) can connect without having installed certificates or something.
I think its an hardware isue and it cant decrypt the code well, my WIFI indicator stays white, with internet acces it should turn blue or green.
Click to expand...
Click to collapse
That is very very odd... I use a Linksys WRT54G2 router at home, and its set up for DHCP. Its address is the standard 192.168.1.1, and it can address 50 clients between the addresses of 192.168.1.100 and 192.168.1.149. However, if i set my computer up to use static settings, it works just fine... Granted the networks are probably set up differently.... but the theory should work just fine...
Code:
IP: 192.168.1.4
Subnet Mask: 255.255.255.0
Gateway 192.168.1.1
DNS: 64.59.160.13, 64.59.160.15
Are you positive it doesn't work?
If you can get me the encryption type, IP address, Subnet Mask and Gateway address your friends phone uses, I may be able to help more... The more information you can get me, the better.
The only reason I can think of that would cause it to not work is that the IP address is already in use, or the Subnet mask is incorrect... It shouldn't matter what IP address you use, so long as the subnet mask and gateway are correct... In theory anyway...
I'll gather them and put them in a post!
Thanks for your help so far,
Im on the same school as runedegroot but the neteork does work for me, and i dont think a stattic ip will work cause the network is spread over a lot of routers so if any other phone gets that ip via dhcp it wont work anymore
Sent from my GT-I9000 using xda premium
Well, apparently DHCP doesn't work for him, so whats he have to loose?
Although that's quite interesting... What phone do you use, and whats the network information you have when you're connected to your school's network?
voetbalremco said:
What if you go to wifi settings- menu button - advanced settings- 'regulier domein' I know you are dutch, dont know how it is called in english, something like regular domain I guess.
Then set it to 11 13 or 14 try them out, fixes my wifi, also at school with 8.11x connection mode
Sent from my GT-S5660 using xda premium
Click to expand...
Click to collapse
I'll try, it didn't give me positive feedback when I tried it on MC 7.2, I'll try monday.
Btw, voetbalremco is a dutch name, you also have a dutch thumbnail, but you aint dutch?
atirox said:
Well, apparently DHCP doesn't work for him, so whats he have to loose?
Although that's quite interesting... What phone do you use, and whats the network information you have when you're connected to your school's network?
Click to expand...
Click to collapse
I use galaxy gio, gt-s5660. Maybe willie1001 knows it, I can't see it when I'm at home.
I have the same problem
runedegroot said:
I'll try, it didn't give me positive feedback when I tried it on MC 7.2, I'll try monday.
Btw, voetbalremco is a dutch name, you also have a dutch thumbnail, but you aint dutch?
Click to expand...
Click to collapse
Im dutch, but the forum is english so I also post in english, I dont like it neither if people post in polish or whatever I cant read..
Sent from my GT-S5660 using xda premium
runedegroot said:
I use galaxy gio, gt-s5660. Maybe willie1001 knows it, I can't see it when I'm at home.
Click to expand...
Click to collapse
Actually that was for willie1001...
And its possible that changing the reguatory domain could work. If you're running software designed for the states, it would disable any channel above 11... But then again, if you can "see" the wireless network in the settings menu, it would make sense that its programmed to use a channel isn't above channel 11... Which would mean that changing the regulatory domain wouldn't help it at all...
Come to think of it, if your MAC address is blocked, it wouldn't allow you access... But then again, you'd have to do something for the school to block your MAC address. And if the other students can access it, then it would have to be specifically you who did something to piss off a teacher.
Also, any information you can get me about the router would help greatly. By figuring out the manufacturer of the router and the model number of the router, its possible to narrow down the likely IP addresses that the router would use..
atirox said:
Actually that was for willie1001...
And its possible that changing the reguatory domain could work. If you're running software designed for the states, it would disable any channel above 11... But then again, if you can "see" the wireless network in the settings menu, it would make sense that its programmed to use a channel isn't above channel 11... Which would mean that changing the regulatory domain wouldn't help it at all...
Come to think of it, if your MAC address is blocked, it wouldn't allow you access... But then again, you'd have to do something for the school to block your MAC address. And if the other students can access it, then it would have to be specifically you who did something to piss off a teacher.
Also, any information you can get me about the router would help greatly. By figuring out the manufacturer of the router and the model number of the router, its possible to narrow down the likely IP addresses that the router would use..
Click to expand...
Click to collapse
Haha no, I didn't piss of a teacher
I think it's a gio problem, willie1001 has the galaxy s with cyanogenmod 9.
I have gio with cyanogenmod 9. But it also didnts work with stock or cyanogenmod 7.
I will send you some information I can see on my phone, if I won't forget it
runedegroot said:
Haha no, I didn't piss of a teacher
I think it's a gio problem, willie1001 has the galaxy s with cyanogenmod 9.
I have gio with cyanogenmod 9. But it also didnts work with stock or cyanogenmod 7.
I will send you some information I can see on my phone, if I won't forget it
Click to expand...
Click to collapse
Man, thats odd... I assume you aren't on the North American continent... Where did you pick your Gio up from?
You know... Its possible that the issue you have was fixed in a base band (modem) update... You could try flashing the phone to the latest OE firmware (Not necessarily the one that came with your carrier as branded firmware tends to take forever to get updated), and see if that works...

Categories

Resources