Connecting to 802.1x encrypted Wifi - Nexus One Q&A, Help & Troubleshooting

My school has campus-wide wifi that is encrypted using 802.1x enterprise encryption and I can't get my N1 to connect to it. Under the wifi settings the network shows up in range, but it shows up as a WEP wifi connection which isn't the case. I can manually add a connection and choose 802.1x and configure it as it should in order to connect, however when I do that it shows up at the bottom of the list as "Not in range, remembered" despite the fact that the SSID of the same name still shows up as that incorrect WEP encrypted connection.
Has anyone successfully connected to a 802.1x encrypted connection using their N1?

Do you need to install a security cert?
My N1 doesn't arrive until tomorrow, and I haven't tried connecting to my current school's wireless network. My last school had enterprise security, and I had to install a certificate on my laptop, and special software on my Windows mobile.
If no one else gets back to you, I'll see if I can screw around tomorrow evening.
Some googlin' brought up some maybe relevant info:
http://www.google.com/support/forum/p/android/thread?tid=5507f5155591aeda&hl=en
http://www.google.com/support/forum/p/android/thread?tid=4be67146eafe4365&hl=en

ATnTdude said:
Do you need to install a security cert?
My N1 doesn't arrive until tomorrow, and I haven't tried connecting to my current school's wireless network. My last school had enterprise security, and I had to install a certificate on my laptop, and special software on my Windows mobile.
If no one else gets back to you, I'll see if I can screw around tomorrow evening.
Some googlin' brought up some maybe relevant info:
http://www.google.com/support/forum/p/android/thread?tid=5507f5155591aeda&hl=en
http://www.google.com/support/forum/p/android/thread?tid=4be67146eafe4365&hl=en
I've tried a few different methods mentioned in the Google forums and still no luck...
Anyone able to connect using 802.1x?

with 2.1 update 1
i got it to work. not sure if that's what fixed it as my SA gave me the wrong sid the first time ... but it works great post update!

Nexus One -- Android 2.2 and 802.1x WiFi Authentication
flomid said:
My school has campus-wide wifi that is encrypted using 802.1x enterprise encryption and I can't get my N1 to connect to it. Under the wifi settings the network shows up in range, but it shows up as a WEP wifi connection which isn't the case. I can manually add a connection and choose 802.1x and configure it as it should in order to connect, however when I do that it shows up at the bottom of the list as "Not in range, remembered" despite the fact that the SSID of the same name still shows up as that incorrect WEP encrypted connection.
Has anyone successfully connected to a 802.1x encrypted connection using their N1?
I am using a stock Nexus One on Android 2.2. I got it running by entering the following (be sure to 'FORGET' the SSID that automatically comes up in favour of manually creating it) at 'Settings' >> WiFi:
EAP method: (I can choose b.w. PEAP, TLS or TTLS) and I choose PEAP
CA certificate: no choice … merely shows in brackets (unspecified)
User certificate: (unspecified)
Identity: (I enter) [MY-USERNAME, e.g., [email protected]]
Anonymous identity: (leave blank)
Password: [MY_PASSWORD]
Our university relies on WPA2/EAP/MS-CHAP .... but in our case putting the entire username did the trick.
I believe the Android 2.1 UI is deficient and will not let you enter the above, and from what I have read those who have 'rooted' their phone (and voided their warranty) have placed something like the following wpa_supplicant.conf file in /etc/wifi :
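##### wpa_supplicant configuration file template #####
update_config=1
ctrl_interface=eth0
eapol_version=1
ap_scan=1
fast_reauth=1
# The block keyword is case-sensitive and must be lowercase
network={
    ssid="MY_SSID"
    # IEEE8021X = 802.1X with dynamic WEP keys; WPA/WPA2-Enterprise uses WPA-EAP
    key_mgmt=IEEE8021X
    eap=PEAP
    phase2="auth=MSCHAPV2"
    identity="MY_USERNAME"
    password="MY_PASSWORD"
}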
Some have mentioned that any certificate (e.g., Thawte) should be .p12 configuration and placed in the root directory of the SD Card. The best info for those who want to 'root' their Nexus one is Joe Levi's commentary at: http://pocketnow.com/tweaks-hacks/video-flashing-froyo-on-your-nexus-one
But as I stated, I have mine running the Net locally, and just need the proxy turned off by the uni. to get out.
Hope this helps.
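
The PEAP settings in the post above leave the CA certificate unspecified and send the full username as the identity. The following Python script is an added example, not part of the original post or of wpa_supplicant itself: it parses `network={}` blocks from a wpa_supplicant.conf and reports those client-side gaps. The sample config, SSIDs, certificate path and RADIUS server name are constructed placeholders.

```python
"""Audit wpa_supplicant network blocks for weak 802.1X/EAP client settings."""

# Constructed sample: the first block mirrors the template in the post above,
# the second is a hardened variant (path and host names are placeholders).
SAMPLE_CONF = '''
update_config=1
ap_scan=1
network={
    ssid="MY_SSID"
    key_mgmt=IEEE8021X
    eap=PEAP
    phase2="auth=MSCHAPV2"
    identity="MY_USERNAME"
    password="MY_PASSWORD"
}
network={
    ssid="MY_SSID_HARDENED"
    key_mgmt=WPA-EAP
    eap=PEAP
    phase2="auth=MSCHAPV2"
    ca_cert="/etc/wifi/campus-ca.pem"
    domain_suffix_match="radius.example.edu"
    anonymous_identity="anonymous@example.edu"
    identity="MY_USERNAME"
    password="MY_PASSWORD"
}
'''

TUNNELED = {"PEAP", "TTLS"}  # methods with a separate outer identity
NAME_CHECKS = ("domain_suffix_match", "domain_match",
               "altsubject_match", "subject_match")


def parse_networks(text):
    """Return one dict of key -> unquoted value per network={...} block."""
    networks, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line == "network={":          # keyword is case-sensitive
            current = {}
        elif line == "}" and current is not None:
            networks.append(current)
            current = None
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current[key.strip()] = value.strip().strip('"')
    return networks


def audit(net):
    """Return a list of findings for one parsed network block."""
    methods = set(net.get("eap", "").upper().split())
    if not methods:
        return []                        # not an EAP network, nothing to check
    # wpa_supplicant defaults key_mgmt to "WPA-PSK WPA-EAP" when unset
    key_mgmt = set(net.get("key_mgmt", "WPA-PSK WPA-EAP").split())
    findings = []
    if "IEEE8021X" in key_mgmt and "WPA-EAP" not in key_mgmt:
        findings.append("key_mgmt=IEEE8021X: dynamic WEP keys, not WPA/WPA2")
    if "ca_cert" not in net and "ca_path" not in net:
        findings.append("no ca_cert: server certificate is not verified")
    elif not any(k in net for k in NAME_CHECKS):
        findings.append("CA set but no server name match configured")
    if methods & TUNNELED and "anonymous_identity" not in net:
        findings.append("no anonymous_identity: username sent outside tunnel")
    return findings


def audit_conf(text):
    """Map each SSID in the config text to its list of findings."""
    return {n.get("ssid", "?"): audit(n) for n in parse_networks(text)}


if __name__ == "__main__":
    for ssid, findings in audit_conf(SAMPLE_CONF).items():
        print(ssid, "->", findings or "no findings")
```

Without a CA certificate and a server name check, a PEAP client will start the MSCHAPv2 exchange with any access point that advertises the same SSID, which is why the first block is flagged.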

I'm having the same issue at work. It appears as a WEP network and adding it as 802.1x says the network is not in range.
I'll give that wpa_supplicant.conf hack a go later.

I solved this issue with the WiFi Advanced Config Editor (available in the marketplace).
My WiFi is 802.1x, with PEAP, MSCHAP v2.
Connect to the listed wifi with WEP enabled, use any password,
then modify the configuration with the WiFi Advanced Config Editor: set as 802.1x, PEAP, MSCHAP v2, set user identity and password, and remove any WAP settings.
And enjoy.

In my case, I have ICS 4.0. I tried all the suggestions above, but they did not work.
Can someone help me? Please

Related

Running OpenVPN on the Kaiser (3G)

I've been struggling with OpenVPN on my Vario III on T-Mobile and hope someone can throw me a bit of a lifeline.
I can connect to my OpenVPN (running on my WRT54GS router) via wifi but the problem is when I try over 3G. Even when I've specified the provider and ticked "exclusive", it manages to connect to my OpenVPN server but I get no further connectivity (to webpages etc).
As said, via wifi this config on my Kaiser works perfectly...
Code:
remote xxxxxx.homeip.net
port 22
dev tap
secret "\\Program files\\OpenVPN\\config\\secret.key"
proto tcp-client
resolv-retry infinite
nobind
comp-lzo
cipher AES-256-CBC
route gateway 192.168.xxx.xxx
redirect-gateway
dhcp-option DNS 192.168.xxx.xxx
but when tried via 3G it seems to have a problem with setting the routing..
Code:
Mon Oct 22 21:58:00 2007 ROUTE: route addition failed using CreateIpForwardEntry: The parameter is incorrect.
Just wondering if there is something either with the T-Mobile network or the Vario III which is specifically stopping me from using OpenVPN
Or are my settings misconfigured?
I've also attached a full copy of the log.
Thanks for any help you can give (Give generously)
CP
Sounds suspiciously like a NAT traversal or proxy issue to me. On the HSDPA network, there's a proxy in the picture. I don't believe that's the case for the Edge network. That could easily be the cause of the problem.
Surely once the connection has been established the NAT issue shouldn't be a problem?
TBH I thought the route addition problem was due to the software being unable to update the local routing table?
NAT traversal issues often manifest themselves as connections that look like they're established, then die immediately. The VPN participants have to know the actual IP addresses of the devices involved, and understand that NAT is happening. Proxies also need to play a role in that process since they're effectively "standing in" for your device. And they may be configured not to permit IPSec traffic at all.
What you've described sounds exactly like NAT traversal issues - the negotiation appears to go just fine, but the actual connection dies on the vine. Since the end points don't have the right data from the negotiation (actual valid addresses to build the tunnel around), the route they try to build is invalid and fails.
In your log, it's impossible to tell since the IP addresses have been all translated to xxx.xxx.xxx.xxx. But I suspect that the ones up until the "TCP connection established with..." message are all displaying valid public IP addresses, and somewhere very shortly after that they start displaying private RFC 1918 addresses.
Proxies + NAT +IPSec = small nightmares. This is one of the reasons SSL VPNs have gained significantly in popularity.
Try Hamachi vpn
https://secure.logmein.com/products/hamachi/vpn.asp
Surur
PerfAlbion said:
In your log, it's impossible to tell since the IP addresses have been all translated to xxx.xxx.xxx.xxx. But I suspect that the ones up until the "TCP connection established with..." message are all displaying valid public IP addresses, and somewhere very shortly after that they start displaying private RFC 1918 addresses.
You have PM
Quick update:
I've just connected my Laptop to the internet via my Kaiser using 3G.
Ran OpenVPN and it connected without a problem.
Technically this would suggest that I should be able to connect with my Kaiser, but there's either a problem with my config or a bug in the PPC OpenVPN software :S
I haven't tried on UDP yet which will be my next test....
Any ideas?
Blimey, I didn't know there was a PPC client! I'll try it to see if it works with my setup.
Well I can't even get it to talk to my server so won't be able to help !
Fire up the card in your laptop and take a look at the IP address assigned to your machine. Since it's a different service, they may not be passing you through the proxy that's in place for the Kaiser. If you've received a public address, then you're on a "different network" even though both are 3G services.
PerfAlbion said:
Fire up the card in your laptop and take a look at the IP address assigned to your machine. Since it's a different service, they may not be passing you through the proxy that's in place for the Kaiser. If you've received a public address, then you're on a "different network" even though both are 3G services.
?? When you connect a laptop via BT to the kaiser, (using internet sharing) it creates a NAT which the traffic is passed over through the 3G service. Essentially using the same service..
Unless you mean the "service" between the windows software & the PPC/WM software is different?
Plus how'd you mean fire up the card in my laptop?
Cheers for your help on this btw.
I'm assuming that the Laptop data service and the PDA data service are treated differently within the AT&T network. While the PDA passes through a proxy, I suspect the laptop does not.
When I say "fire up the laptop card," I mean establish a connection and look at your IP address (ipconfig from a command prompt will show it). It may be a different IP address range than the PDA receives (which you could see using VxIPConfig or VxUtils). Even if it's within the same range, it may be bypassing the proxy.
So while you're using essentially the same technology, I suspect the services are implemented very differently, and that's what we're trying to sort out.
I don't believe it!!!
I downloaded VM Net Brower, checked what IP addresses were being assigned and connected successfully! Loaded up www.whatismyip.org and it came up with the proxy of my PC at home.
Unfortunately, my phone was running incredibly slow and I thought it best to do a soft reset... afterwards no matter what I do, I can't connect. I just can't figure out why or replicate what I did.
Argh.. this is getting to me now... next on the agenda is to try changing the port number from 22 to 8080 or 80 and see what happens.

Cannot access hidden Wifi / Non-broadcasting SSID with the HTC TyTn II Kaiser

Hi there,
Can someone please help by advising me on how to overcome this problem.
If I broadcast my SSID, the device connects fine, but when I stop broadcasting, the device will show that the network is unavailable. Even though I did check the "This is a hidden network" checkbox option, in the settings.
Configure Wireless Network-
Network Name: MyWirelessNetwork
Connects By: The Internet
This is a hidden network: CHECKED
Configure Wireless Authentication-
Authentication: WPA2-PSK
Data Encryption: TKIP
The Key is Automatically Provided: unchecked
Network Key: **********
Key Index: 1
Please help,... many thanks!
Kind regards,
JonD
My device is the HTC TyTn II (Kaiser) running Windows Mobile 6 Professional
Additional information about my WiFi Router:
I'm using a D-Link DI-524 wireless router that I set as a hidden network (disabled SSID broadcast).
I also enabled the MAC filtering, and of course the device's MAC address is already added to the approved list for connections, so I think there is no issue with the router or network (like I mentioned before, when I enabled the SSID broadcast all devices connect perfectly and all is good, but when I disabled the SSID broadcast, the Kaiser & the vista laptop will say the network is unavailable and can't connect).
No problems with connections at all with my other laptop that runs on XP.
Stupid question... but are you able to connect to the network with another device? Also, have you tried running a third party program that can scan for wireless APs from the device?
And can you connect to any other hidden network..
It might be in a really good hiding spot.
JonD said:
Hi there,
Can someone please help by advising me on how to overcome this problem.
If I broadcast my SSID, the device connects fine, but when I stop broadcasting, the device will show that the network is unavailable. Even though I did check the "This is a hidden network" checkbox option, in the settings.
Configure Wireless Network-
Network Name: MyWirelessNetwork
Connects By: Work
This is a hidden network: CHECKED
Configure Wireless Authentication-
Authentication: Open
Data Encryption: WPA2-PSK
The Key is Automatically Provided: unchecked
Network Key: **********
Key Index: 1
Please help,... many thanks!
Kind regards,
JonD
My device is the HTC TyTn II (Kaiser) running Windows Mobile 6 Professional
Something's wrong with what you posted. WPA2-PSK is a form of authentication, and it would use either AES or TKIP as its method of encryption. There is no such thing as a WPA, open network (WEP, open yes, but not WPA).
gwnorth, thanks for pointing that out.... the following is the correct configuration:
Configure Wireless Network-
Network Name: MyWirelessNetwork
Connects By: The Internet
This is a hidden network: CHECKED
Configure Wireless Authentication-
Authentication: WPA2-PSK
Data Encryption: TKIP
The Key is Automatically Provided: unchecked
Network Key: **********
Key Index: 1
As for the other questions (for Arlop & ChumleyEX), I've got no problems connecting to my non-broadcast SSID network with my laptop running XP.... but I face the same problem with my other laptop that runs on vista.
of course, when I enabled the SSID broadcast, everything connects fine (the Kaiser and the vista laptop).
If anybody faced this similar problem and knows a solution, please let me know. Appreciate your help in the matter.
What is the point to have the system acknowledging that the network is hidden or not (checkbox option "This is a hidden network:" CHECKED or UNCHECKED ), but still fail to connect to it.
cheers,
JonD.
I'm not sure if this will help ...
I'm using a Netgear wireless router provided by my company which is set to an hidden network.
To set up access via my Kaiser I enter:
Setting > Connection > WiFi > Add New ...
Network name > Mynetworkname
Connects to > The internet
Hidden network > Checked
Authentication > Open
Data Encryption > WEP
The key is automatically provided > Un-Checked
Network Key > ****************************
Key Index > 1
What you haven't mentioned, but something that I needed to do ... The router needs to know my PDA mac address to allow access in its settings to support authorisation.
Since our IT department control the access rights (unless you have the password ), I do not know if the mac address information is a company protocol or part of a 'hidden network' setting.
PS. I always keep the WEP key in a text file on the PDA to copy and paste, because it's too troublesome to type it out each time I change the ROM's and have to set it up again.
I hope this helps.
JonD said:
gwnorth, thanks for pointing that out.... the following is the correct configuration:
Configure Wireless Network-
Network Name: MyWirelessNetwork
Connects By: The Internet
This is a hidden network: CHECKED
Configure Wireless Authentication-
Authentication: WPA2-PSK
Data Encryption: TKIP
The Key is Automatically Provided: unchecked
Network Key: **********
Key Index: 1
As for the other questions (for Arlop & ChumleyEX), I've got no problems connecting to my non-broadcast SSID network with my laptop running XP.... but I face the same problem with my other laptop that runs on vista.
of course, when I enabled the SSID broadcast, everything connects fine (the Kaiser and the vista laptop).
If anybody faced this similar problem and knows a solution, please let me know. Appreciate your help in the matter.
What is the point to have the system acknowledging that the network is hidden or not (checkbox option "This is a hidden network:" CHECKED or UNCHECKED ), but still fail to connect to it.
cheers,
JonD.
Sounds to me like you have a network issue, not a Kaiser issue, since you said you're having the same issues on Vista.
I do not broadcast my SSID and my tilt has no problems connecting.
Maybe you have MAC-address filtering enabled?
I have seen routers giving problems with MAC-filtering disabled and SSID broadcasting disabled.
Devices that had a working connection, disconnected when we disabled SSID-broadcast.
Strange, but enabling the MAC-address filter list solved that.
To ajs007, jallenclark & johanromijn thank you for your replies.
I'm using a D-Link DI-524 wireless router that I set as a hidden network (disabled SSID broadcast).
I also enabled the MAC filtering, and of course the device's MAC address is already added to the approved list filter for connections, so I think there is no issue with the router or network (like I mentioned before, when I enabled the SSID broadcast all devices connect perfectly and all is good, but when I disabled the SSID broadcast, the Kaiser & the vista laptop will say the network is unavailable and can't connect).
ajs007, do you think different authentication protocols (you use WEP, but I use WPA-PSK) make any difference?
jallenclark, is there anything you did differently?
Thanks.
JonD
I have the same issue with mine. I cannot connect to a hidden network....initially.
I turned on SSID broadcast, the Tilt connect immediately and then unchecked the SSID Broadcast.
Now it connects always.
Seems like it should work.. other devices connect fine as long as the name is specified.
online142154 said:
I have the same issue with mine. I cannot connect to a hidden network....initially.
I turned on SSID broadcast, the Tilt connect immediately and then unchecked the SSID Broadcast.
Now it connects always.
Seems like it should work.. other devices connect fine as long as the name is specified.
Sadly, I tried that, connects immediately when the SSID is broadcast, and while it remains connected, I turn off the broadcast and the device lost connectivity immediately too.
Man... I don't understand this......
here are some more info (ROM version and stuff), just in case you guys out there can help figure this out...... many thanks!
ROM version: 2.50.771.0 WWE
ROM Date: 10 March 2008
Radio version: 1.27.15.32
Protocol version: 22.51.88.13H
I have similar problem, Hermes with wm6.1. When my router is set up to use WEP I have no problem to connect, but I prefer WPA2-PSK and my PDA gets stuck on "connecting".
My iBook and a PC laptop can connect without problem...and so does my buddy's iPhone...
Change the radio version. try flashing a radio that end in 36. xD
i have similar problem with my x1. radio version ends with 18. firmware version is R2AA010. exists one with newer radio? thx.
Works on mine?
I went to a customer site recently where they were deploying a Wireless LAN. As they were using a hidden SSID & WPA2-PSK & AES I tested it with my Kaiser and after a couple of attempts it connected OK (I think typos on my part were why it took two attempts..).
Hidden SSID's are pretty useless anyway as they are easy to discover. I think beefing up the back end security is a much better option - use WPA2 with PEAP or EAP-TLS instead of just hiding the SSID and using Pre-Shared-Keys. If the key is leaked then think of the number of devices you need to manually reconfigure.
Andy

A task for wifi experts!

my school has wifi called UCM-WiFi-Secured i go through the settings for the wifi
Authentication: Open
Data Encryption: WEP (check key auto provided), i have tried all security options and none work
next
Then I can either leave the Use IEEE 802.1x network access control check box unchecked, which sends me to an Enter username/password/domain screen, and I do so with correct information and get an error message saying I need a personal certificate,
or I check the box for IEEE 802.1x, select PEAP and click properties, and it says Cannot log on to the wireless network. this network requires a personal certificate to positively identify you.
Below is a link to connect using Vista. An iPhone works fine! Anyone have any ideas? I'm lost
www.ucmo.edu/Documents/is/wirelessvista.pdf
thank you
Brett
Same problem on the Raphael and maybe all WM devices regarding the questions here in other parts of the forum...
As i can see so far: no solution

WLAN Problem Diamond

ok, first of all, i checked every single thread on this page hoping to get a solution for my problem.
HTC Diamond, D-Link DWL-900AP+ Access Point.
My Diamond can "see" the Access Point, but is unable to connect with it.
Authentication WPA-PSK
Encryption TKIP
Network key manually inserted and 100% correct.
Hook set at IEEE802.1x
EAP Type = Smartcard or security certificate (but it's greyed out)
Network Card connects to Internet
From Server given IP Address (hook set) DHCP on Access Point enabled
MAC Filters disabled
I also played around with the available network tabs.
I have vodafone DE, vodafone internet, company network or ISP
The slider of the energy saving mode is set to best performance.
What the hell is going wrong????
I also own an HTC Touch Elfin and have no problems accessing my network/internet.
Any suggestions would be highly appreciated
thank you
try deleting your network saved setting from list, make sure network card connects to internet, not work, find access point, and enter your password again.
this works for me in similar situations.
works if you start fresh, and not trying to connect with the same settings. i dont know why but has saved my ass a few times.
Also, try changing the encryption from TKIP to AES and see if that works....
I have the same problem! It's something about DHCP. My Diamond connects to my home wifi only if I set the IP (which belongs to my phone on access point) address in the properties of network adapter.
HI did you try to put the host address of a site?
write 64.233.167.99 instead of google.it in case you can see the page the problem is the dns not resolved and insert manually in your phone connection
Marcellus_pnz said:
I have the same problem! It's something about DHCP. My Diamond connects to my home wifi only if I set the IP (which belongs to my phone on access point) address in the properties of network adapter.
Same here, it looks like a DHCP time-out or routing problem. I've set up a DHCP server with a small pool of addresses on the access point itself and now my Diamond always connects correctly. Before that, my Diamond would state that I had entered an invalid security key.
diamond connects but i cannot visit any website
Hi,
I have a similar problem. My diamond gets an ip address from dhcp, connects to dwl-900ap+ but i am not able to open any website (I tried to open some web with url and with its ip address too) - tried opera and IE too. In opera i get a "could not locate remote server" error. (Looks like a DNS problem?) I am not even able to open the AP's configuration web with diamond. Every other wifi enabled equipment I tried (1 notebook with win vista, 1 with XP, 1 with debian linux, nokia n95 with symbian and e-ten m700 with win mobile 5) works without a single problem. I also tried to reset the AP and my diamond - without success.
I didn't change any setting on the AP except for setting up a WEP encryption (i know, i know, it's not a strong encryption ), the SSID and the AP's ip address. Everything else is default. My dhcp server is not the access point. DHCP runs on a similarly configured router with wifi AP (diamond connects without problem).
Any idea/solution? thanks

Connect to WPA EAP network

These are the instructions that my corporate has for connecting an iPhone
For your iPhone to access CORPNET you need to connect to the wireless network "CORPNET1". Not all buildings are configured in a way that the iPhone can connect to "CORPNET1". This is because most buildings are only running 802.11a. In some buildings "CORPNET1" is configured to run both 802.11a AND 802.11g (using WPA authentication), the latter being the one the iPhone supports. The other wireless network "CORPNET2" is 802.11b and uses WEP authentication, which doesn’t work for most people. If you can't see "CORPNET1" on your iPhone it's probably not going to work.
Assuming you're able to see CORPNET1, simply select it from the network list. It will prompt you for your credentials, enter your domain\alias and password. It should prompt you to accept a certificate, go ahead and do so. Now, click the blue arrow next to CORPNET1. Scroll down to HTTP Proxy, then select "Auto" and enter: CorpnetProxy. Back out to Safari and check connectivity.
-- When i try to connect to CORPNET1 on Dream (running CyanogenMod 4.2.5 , Firmware version 1.6) i see the following options
EAP Method -- ??
Phase 2 Authentication -- ??
CA Certificate -- i have this as corpnet.pem on my sd card but the dropdown does not show it
Client Certificate -- i have this as user.pem on my sd card but the dropdown does not show it
Private Key password -- i dont have the user.prv file
Identity -- ??
Anonymous Identity -- ??
Wireless Password -- ?
Can someone please tell me how to configure this so that I can connect to the network. I have rooted my phone.
Any help will be highly appreciated.
Thanks
