Page 1 of 1

Acces problem with PEAP/MSCHAPv2

Posted: Sun Mar 29, 2009 3:20 pm
by Silvas
First of all this distribution is great to use and everything seems to work flawless. Unfortunately I can't seem to get acces to my schools network.
It seems it's protected with PEAP/MSCHAPv2. I looked around for quite a bit but can't seem to find a working solution, mint just seems to work a little different.

Can somebody help me with this, it's pretty annoying. Oh yeah i use Felicia with XFCE desktop.

Re: Acces problem with PEAP/MSCHAPv2

Posted: Sun Mar 29, 2009 6:10 pm
by Husse

Re: Acces problem with PEAP/MSCHAPv2

Posted: Tue Mar 31, 2009 5:39 am
by Silvas
thanks for pointing out some threats i over looked. I have played with some scripts and installed networkmanager for gnome. Unfortunately it still doesn't work. I will keep trying but for now I'm going to dual boot with windows. :?

Re: Acces problem with PEAP/MSCHAPv2

Posted: Tue Mar 31, 2009 6:10 am
by Husse
The problem is that this is not "normal" authentication WPA works perfectly in Linux
This means I can't get any experience with it - have to rely entirely on google
Does this help?
http://narnia.cs.ttu.edu/drupal/node/147
or this?
http://ohioloco.ubuntuforums.org/showth ... ?p=6837614

Re: Acces problem with PEAP/MSCHAPv2

Posted: Mon Apr 20, 2009 6:42 am
by redshot
Hello, I have the same problem. Its an eduroam network, protected with 802.1x authentication, and I can't connect, it returns to the login screen.

Meanwhile, all Ubuntu laptops around me can connect, while I only get frustrated :D

Thanks in advance.

Re: Acces problem with PEAP/MSCHAPv2

Posted: Mon Apr 20, 2009 7:18 am
by miket
Hi !
redshot wrote:Hello, I have the same problem. Its an eduroam network, protected with 802.1x authentication, and I can't connect, it returns to the login screen.
Meanwhile, all Ubuntu laptops around me can connect, while I only get frustrated :D
Thanks in advance.
This is interesting as Mint is based on Ubuntu ?

How are the Ubuntu users connecting ?
What tools are they using ?
Do you not have the same funtionality in Mint ?

Let us know, we may be able to help you round this one.

Mike.

Re: Acces problem with PEAP/MSCHAPv2

Posted: Mon Apr 20, 2009 4:49 pm
by redshot
They are connecting with the NetworkManager. There are various authentication types we can use, like TTLS and PEAP. With Windows, I was able to connect with all authentications.

But, there is one authentication type which doesn't appear, and that may be the one which could allow me to connect. It's an "Inner Authentication", TKIP. It appears that Ubuntus use this authentication type to connect, and it doesn't appear on Mint. But it's weird, because I was supposed to be able to connect with all types of authentication.

Btw, I can connect to standard WEP secured networks.

Thanks in advance.

Re: Acces problem with PEAP/MSCHAPv2

Posted: Tue Apr 21, 2009 6:09 am
by Husse
Felicia XFCE
I can't experiment with wifi there as I don't have it installed on a computer with wifi
On Felicia main there is an option for tkip - it's just not called tkip
I use WPA Preshared key and TKIP on my wireless (one XP and one Mint laptop) and I have Elyssa main, Felicia KDE and Felicia main with mint4win all working fine
I might install XFCE on it to check but time is in short supply
I think the option you should use is called something with Personal in it
I'll ask merlwiz79 about this

Re: Acces problem with PEAP/MSCHAPv2

Posted: Wed Apr 22, 2009 8:09 am
by redshot
Hello there.

I think I found the problem. It is the CA Certificate. I found this because I was able to connect to the Ethernet without the certificate, and it uses the same authentication than Wireless.

But, when I try to edit the Network Settings in NetworkManager, I select the CA certificate provided, but if I close that window and open it again, the certificate isn't selected.

Thanks in advance.

Re: Acces problem with PEAP/MSCHAPv2

Posted: Wed Apr 22, 2009 12:17 pm
by Husse
I could not follow you in the post above
Can you connect without the certificate?

Re: Acces problem with PEAP/MSCHAPv2

Posted: Thu Apr 23, 2009 11:57 am
by redshot
Husse wrote:I could not follow you in the post above
Can you connect without the certificate?
I can connect to the Ethernet (cable) network without a certificate. But to connect to the Wireless network, the certificate is necessary.

Re: Acces problem with PEAP/MSCHAPv2

Posted: Fri Apr 24, 2009 6:08 am
by Husse
I'll ask miket to look at this again - I have no experience with certificates in this respect

Re: Acces problem with PEAP/MSCHAPv2

Posted: Fri Apr 24, 2009 7:28 am
by miket
Hi !

This is an old problem that seems to have risen again ??
The explanation and fix is detailed here :

https://bugs.launchpad.net/ubuntu/+sour ... bug/107321

It may also be worth trying wicd instead of nm-applet (The default Gnome network manager) as it seems
to be far more reliable :)

Mike.

Re: Acces problem with PEAP/MSCHAPv2

Posted: Wed Jan 08, 2014 5:20 am
by hir0
I had the same issue here with my Lenovo T420s and Mint 16 Petra.
Found a solution based on a nice hint in this bug history:
https://bugs.launchpad.net/ubuntu/+sour ... ug/1104476

[Snip]
Remove the line that I marked (line 20) , to fix it
This is an example of my NetworkManager profile.
This file is saved under /etc/NetworkManager/system-connections/
[Snip]


Remove the line that I marked (line 20) , to fix it
This file is saved under /etc/NetworkManager/system-connections/

Code: Select all

lnx ~ $ sudo cat /etc/NetworkManager/system-connections/wlan-bla 
[connection]
id=bla
uuid=bla
type=802-11-wireless

[802-11-wireless]
ssid=bla
mode=infrastructure
security=802-11-wireless-security

[802-11-wireless-security]
key-mgmt=wpa-eap

[ipv4]
method=auto

[ipv6]
method=auto

[802-1x]
eap=peap;
identity=bla
anonymous-identity=bla
#ca-cert=/home/gans/Documents/bla.cer
phase2-auth=mschapv2
password-flags=1
#system-ca-certs=true
Uncommenting the two lines made it work.
Looks like the "system-ca-certs=true" is always configured by network-manager regardles if you want or not....

Hope that help you too?
BR.h