The College of New Jersey

Apply     Visit     Give     |     Alumni     Parents     Offices     TCNJ Today     

Raspberry Pi eduroam Config

Assumptions: Raspbian OS (Raspberry version of Debian Linux “wheezy”) and Edimax Technology (RealTek RTL8188CUS) USB wireless adapter.

Make sure the wireless USB adapter is plugged when the Raspberry Pi’s power is off, otherwise the system will likely crash (I read that the initial USB power draw may be more than a powered-on Pi can handle).

Also, it seems that by default if the wired Ethernet is plugged in, the wireless interface will be shutdown. While it is possible to have both going, I haven’t had time to figure out the configuration changes need to make that happen.

Make a backup of the distributed wpa_supplicant.conf file.

cd /etc/wpa_supplicant
mv wpa_supplicant.conf wpa_supplicant.conf-dist

Edit the /etc/wpa_supplicant/wpa_supplicant.conf file to look like this (the first 2 lines should already be present)

ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1

network={
ssid=”eduroam”
scan_ssid=1
key_mgmt=WPA-EAP
eap=PEAP
pairwise=CCMP
group=CCMP
ca_cert=”/etc/wpa_supplicant/tcnj_eduroam.pem”
# authentification info
identity=”YOUR_TCNJ_USERNAME”
password=”YOUR_TCNJ_PASSWORD”
phase1=”peaplabel=0″
phase1=”auth=MSCHAPV2″
}

Of course, replace the YOUR_TCNJ_USERNAME with your actual TCNJ username, and YOUR_TCNJ_PASSWORD with your password (in clear-text 🙁 ) Make sure to enclose them in double-quotes (e.g. “someuser”).

For the ca_cert= line, download the 802.1x RADIUS server certificate. You can download it directly from this link by right-clicking and saving it to your desktop as tcnj_eduroam.pem. Finally, you will need to transfer it to the Raspberry Pi’s /etc/wpa_supplicant directory.

You can also cut-and-paste the certificate from the text below.
—–BEGIN CERTIFICATE—–
MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG
A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw
MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT
aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ
jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp
xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp
1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG
snUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ
U26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8
9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E
BTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B
AQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz
yj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE
38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP
AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad
DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME
HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==
—–END CERTIFICATE—–

Once the /etc/wpa_supplicant/wpa_suppicant.conf file has been modified, the certificate has been transferred and the USB wireless has been plugged in (with the Raspberry Pi off), power it on. After the system comes back up, it may be a few minutes before the network is active. You can use ifconfig wlan0 to see if an IP address was obtained. Also, look in /var/log/messages for the 802.1x authentication log messages. The iwconfig command is also useful for checking various wireless signal statistics.

 

Top