College of Liberal Arts & Sciences
Wireless Access on Fedora 16
NOTE: The CLAS Linux Group has provided these instructions as a courtesy to campus Linux users. See UI Wireless - eduroam Support or contact the ITS Help Desk for additional information. These instructions are specific to Fedora 16. If you are using a different version of Linux, these instructions may not work.
This document was modified on Mar 22, 2012. Any changes to the campus wireless network since then may not be reflected in these instructions. Try comparing the instructions for later versions of this OS for any configuration changes.
During the summer of 2012, ITS will be changing the network name to eduroam and you will need to enter hawkid@uiowa.edu instead of just your HawkID in order to connect. Please see the instructions for Fedora 17 for an example.
Assumptions
- You've met the requirements listed on the initial wireless page.
- These instructions were written after doing a default install of Fedora 16 using the x86_64 Live CD install media and then patching all software.
- Your wireless card is working. You can use nm-tool from a terminal to test.
On the system used for creating the instructions, this is a snippit of the output from running nm-tool in a terminal:
- Device: wlan0 --------------------------------------------------
Type: 802.11 WiFi
Driver: iwl3945
State: disconnected
Default: no
HW Address: XX:XX:XX:XX:XX:XX
Capabilities:
Wireless Properties
WEP Encryption: yes
WPA Encryption: yes
WPA2 Encryption: yes
Wireless Access Points
When you run nm-tool, the output must show that you have a device of type 802.11 WiFi and that WPA2 Encryption is yes. If you don't have a device of type 802.11 WiFi, then you need to get wireless support working (or get a wireless card/device). If you don't see WPA2 Encryption: yes, then you'll need to get a wireless device that supports WPA2.
Obtain the AddTrustExternalCARoot Certificate
The authentication server used by The University of Iowa wireless networks uses Comodo (AddTrust) as its root certificate authority (CA). Therefore, your laptop must have a valid Comodo root certificate in Privacy-Enhanced Mail (PEM) format.
You can download the certificate by going to Comodo AddTrustExternalCARoot Certificate and clicking the Download link for [Root] AddTrustExternalCARoot (currently the first link). The file will download to your Downloads directory and will be named AddTrustExternalCARoot.crt. Copy the file to your home directory (e.g. cp ~/Downloads/AddTrustExternalCARoot.crt ~/ ).
Configure Wireless Network in NetworkManager
- Click on the NetworkManager applet (a pair of superimposed monitors) and select eduroam (see the end of the page for information on what to do if eduroam isn't listed).
- The window "Wireless Network Authentication Required" should appear as below.
- Set (or verify):
"Authentication" to "Protected EAP (PEAP)"
"CA Certificate" to "AddTrustExternalCARoot.crt" file, as noted above
"PEAP Version" to "Automatic"
"Inner Authentication" to "MSCHAPv2"
"User Name" to be your HawkID followed by @uiowa.edu, e.g. hawkid@uiowa.edu
"Password" to your HawkID password
Optionally check "Ask for this password every time" if you don't want the computer to store your HawkID password. - Click Connect and you should be connected to the eduroam network. I was left with a window showing that I had connected to eduroam at 48 Mb/s.
Troubleshooting
I keep trying to connect, but I'm never successful. What now?
Try to get somewhere where you have direct line-of-sight to a wireless access point, you should then be able to see the eduroam network in the pull down and successfully connect.
List of things to try:
- If you still can't connect after moving within sight of an access point, try again later during off-peak usage (i.e. not the middle of the day)
- Try a different device/operating system to see how good the signal is from that location. If none of your devices can get connected, your linux computer won't be able to either. If the signal is weak, try moving to where the signal is stronger and try again.
I don't have eduroam as an option in the Network Manager pull down, what do I do?
- You do have to be on campus for these instructions to work and you'll need to be somewhere with wireless coverage. If you meet those requirements, try the following steps.
- Click on the NetworkManager applet and choose "Connect to Hidden Wireless Network...":
- The Hidden wireless network window will open:
- Change "Network name" to "UI-Wireless-WPA2", change "Wireless security" to "WPA & WPA2 Enterprise" and then set (or verify):
"Authentication" to "Protected EAP (PEAP)"
"CA Certificate" to "AddTrustExternalCARoot.crt" as noted at the beginning of the instructions
"PEAP Version" to "Automatic"
"Inner Authentication" to "MSCHAPv2"
"Identity" to be your HawkID followed by @uiowa.edu, e.g. hawkid@uiowa.edu
"Password" to your HawkID password
Optionally check "Ask for this password every time" if you don't want the computer to store your HawkID password. - Click Connect and you should get connected to the UI Wireless network.
My Network Manager applet disappeared, how do I get it back?
Open a terminal (Activities > Applications, then search for Terminal) and run nm-applet &.