Wireless Access on Fedora 16

NOTE: The CLAS Linux Group has provided these instructions as a courtesy to campus Linux users. See UI Wireless - eduroam Support or contact the ITS Help Desk for additional information. These instructions are specific to Fedora 16. If you are using a different version of Linux, these instructions may not work.

This document was modified on Mar 22, 2012. Any changes to the campus wireless network since then may not be reflected in these instructions. Try comparing the instructions for later versions of this OS for any configuration changes.

During the summer of 2012, ITS will be changing the network name to eduroam and you will need to enter hawkid@uiowa.edu instead of just your HawkID in order to connect. Please see the instructions for Fedora 17 for an example.

Assumptions

  • You've met the requirements listed on the initial wireless page.
  • These instructions were written after doing a default install of Fedora 16 using the x86_64 Live CD install media and then patching all software.
  • Your wireless card is working. You can use nm-tool from a terminal to test.

On the system used for creating the instructions, this is a snippit of the output from running nm-tool in a terminal:

- Device: wlan0 --------------------------------------------------
  Type:              802.11 WiFi
  Driver:            iwl3945
  State:             disconnected
  Default:           no
  HW Address:        XX:XX:XX:XX:XX:XX

Capabilities:

Wireless Properties
  WEP Encryption:  yes
  WPA Encryption:  yes
  WPA2 Encryption: yes

Wireless Access Points

When you run nm-tool, the output must show that you have a device of type 802.11 WiFi and that WPA2 Encryption is yes. If you don't have a device of type 802.11 WiFi, then you need to get wireless support working (or get a wireless card/device). If you don't see WPA2 Encryption: yes, then you'll need to get a wireless device that supports WPA2.

Obtain the AddTrustExternalCARoot Certificate

The authentication server used by The University of Iowa wireless networks uses Comodo (AddTrust) as its root certificate authority (CA). Therefore, your laptop must have a valid Comodo root certificate in Privacy-Enhanced Mail (PEM) format.

You can download the certificate by going to Comodo AddTrustExternalCARoot Certificate and clicking the Download link for [Root] AddTrustExternalCARoot (currently the first link). The file will download to your Downloads directory and will be named AddTrustExternalCARoot.crt. Copy the file to your home directory (e.g. cp ~/Downloads/AddTrustExternalCARoot.crt ~/ ).

Configure Wireless Network in NetworkManager

  1. Click on the NetworkManager applet (a pair of superimposed monitors) and select eduroam (see the end of the page for information on what to do if eduroam isn't listed).

    Screenshot of the Wireless Access Instructions for Fedora 16

  2. The window "Wireless Network Authentication Required" should appear as below.

    Screenshot of the Wireless Access Instructions for Fedora 16

  3. Set (or verify):
    "Authentication" to "Protected EAP (PEAP)"
    "CA Certificate" to "AddTrustExternalCARoot.crt" file, as noted above
    "PEAP Version" to "Automatic"
    "Inner Authentication" to "MSCHAPv2"
    "User Name" to be your HawkID followed by @uiowa.edu, e.g. hawkid@uiowa.edu
    "Password" to your HawkID password
    Optionally check "Ask for this password every time" if you don't want the computer to store your HawkID password.

    Screenshot of the Wireless Access Instructions for Fedora 16

  4. Click Connect and you should be connected to the eduroam network. I was left with a window showing that I had connected to eduroam at 48 Mb/s.

    Screenshot of the Wireless Access Instructions for Fedora 16

Troubleshooting

I keep trying to connect, but I'm never successful. What now?

Try to get somewhere where you have direct line-of-sight to a wireless access point, you should then be able to see the eduroam network in the pull down and successfully connect.

List of things to try:

  1. If you still can't connect after moving within sight of an access point, try again later during off-peak usage (i.e. not the middle of the day)
  2. Try a different device/operating system to see how good the signal is from that location. If none of your devices can get connected, your linux computer won't be able to either. If the signal is weak, try moving to where the signal is stronger and try again.

I don't have eduroam as an option in the Network Manager pull down, what do I do?

  1. You do have to be on campus for these instructions to work and you'll need to be somewhere with wireless coverage. If you meet those requirements, try the following steps.
  2. Click on the NetworkManager applet and choose "Connect to Hidden Wireless Network...":

    Screenshot of the Wireless Access Troubleshooting for Fedora 16

  3. The Hidden wireless network window will open:

    Screenshot of the Wireless Access Troubleshooting for Fedora 16

  4. Change "Network name" to "UI-Wireless-WPA2", change "Wireless security" to "WPA & WPA2 Enterprise" and then set (or verify):
    "Authentication" to "Protected EAP (PEAP)"
    "CA Certificate" to "AddTrustExternalCARoot.crt" as noted at the beginning of the instructions
    "PEAP Version" to "Automatic"
    "Inner Authentication" to "MSCHAPv2"
    "Identity" to be your HawkID followed by @uiowa.edu, e.g. hawkid@uiowa.edu
    "Password" to your HawkID password
    Optionally check "Ask for this password every time" if you don't want the computer to store your HawkID password.
  5. Click Connect and you should get connected to the UI Wireless network.

My Network Manager applet disappeared, how do I get it back?

Open a terminal (Activities > Applications, then search for Terminal) and run nm-applet &.