Wireless conguration for Linux and Windows 7

Download certicate
ATTENTION

If you are a Windows 7 or Windows Vista user download the certicate using Firefox. In this way will be possible to export and install the certicate on the system.

Connect to PoliCO-Open Network. Open Firefox and type an url in the address bar. You will be redirected to a page where you can choose the language of the guidelines for the certicate download.

Click Enter, a page with a short description of the wireless service will be shown.

Select Click here to request the personal certicate. A pop-up window will ask for your credentials.

Insert the username and password you received via e-mail when you subscribed to the wireless service. The page with the certicate request will be shown .

Select Request a Certicate. Another page will be shown.

Select User Certicate. On the next window click Submit.

On the next window select Install this Certicate.

Backup the certicate

In Firefox Linux select Edit Preferences Advanced . In Firefox Windows select Tool Options Advanced. Select Encryption tab. Click on View Certicates.

In the tab Your Certicates select the certicate under rds1 and click Backup.

Select a name for the le (eg. certicate), select a directory and save the certicate. The le will be saved with .p12 extension.

A popup window, Choose a Certicate Backup Password, will prompt you for a password backup password or Import password Insert a password of your choice, this password will be required later.

Once backup the certicate go to the network conguration. For linux conguration: Linux Conguration For Windows conguration: Windows Conguration

Network Conguration, Linux

Network conguration could be performed using the Network Manager if you are using Ubuntu 10.04 distribution. For other distribution, or if you cannot insert all the required data for autentication using the graphical interface, is it possible to congure the network using a shell.

3.1

Conguration using Network Manager

For the autentication using the Network Manager it is mandatory to modify the certicate. Go to the certicate directory linuxuser@ubuntu: cd path/to/certifiacate/ 6

well nd the certicate le certicate.p12. Modify the certicate with openssl.

For Ubuntu 10.04 you need to transform the certicate in .pem format with the following instruction. Attention, the Import password is required The rst command it is to extract the key in .pem format. linuxuser@ubuntu:/path/to/certificate$ openssl pkcs12 -nocerts -in certificato.p12 -out userkey.pem [sudo] password for linuxuser: Enter Import Password: Enter the Import password. youll be asked for another password Enter PEM pass phrase: insert a password PEM pass phrase 4 chars at least. verify you got the le certicate.pem without error messages. Now extract the certicate in .pem format. linuxuser@ubuntu:/path/to/certificate$ openssl pkcs12 -clcerts -nokeys -in certificato.p12 -out usercer.pem Once you have modied the certicate start the connection to the PoliCO-Auth selecting it from the Network Manager. Per Ubuntu 10.04 ll the elds like the following window.

Click on Connect. A pop-up window suggest no CA certicate was selected.

Clicchiamo on Ignore. Wait to be connected to PoliCO-Auth network. Now go to Proxy Conguration.

3.2

Conguration using a shell

It is possible to congure the network using a shell. This step does not require to convert the certicate. If you are using a Network Manager it is better to deactivate the wireless to avoid conict. Create a le wpasupplicant.conf, with an editor of your choice, with the following information. Code 1 Conguration le for wpa supplicant wpasupplicant.conf (Thanks Luca) ap_scan=1 ctrl_interface=/var/run/wpa_supplicant network={ ssid="PoliCO-Auth" key_mgmt=WPA-EAP pairwise=TKIP group=TKIP eap=PEAP identity="username" password="password" private_key2="/path/to/certificato.p12" private_key2_passwd="password_certificato" phase2="auth=TLS" }

Start wpa supplicant like daemon, -B option, -i dene the wireless interface, usually wlan0, -c is conguration le path, -D is the driver option. sudo wpa supplicant -B -i wlan0 -c /wpasupplicant.conf -D wext Once connected ask for an ip address with the command: sudo dhclient wlan0 Go to Proxy conguration.

Network Conguration, Windows 7

Go to the directory where you saved the certicate. Install the certicate on the sitem double clicking on it. A wizard will start, dont change anything you have only to insert the Import Password when required. At the end of the wizard the certicate is installed on the system. Once the certicate is installed you need to congure the network connection. Click on wireless network icon. Select Open Network Sharing Center.

Or Start Control Panel Network and Internet Network and Sharing Center

Select Set up a new connection or network.

Select Manually connect to a wireless network.

Set up the connection like in gure pay attention to exactly match the network name (case sensitive). Click on Next. A pop-up window suggest to modify the connection parameters.

10

Click on Change connection Settings. In the PoliCO-Auth Wireless Network Properties select the tab Security e congure it like the gure. Click on Settings.

Figure 1: PoliCO-Auth Wireless Network Properties

Congure Protected EAP Properties panel like gure 2. Uncheck Validate Server Certicate. Select Smart Card or other certicate in the combobox. Click on Congure. 11

Figure 2: Protected EAP Properties

In the Smart Card or other Certicate Properties panel (gure 3) Uncheck Validate Server Certicate. Click Ok and then OK to come back to Network and Sharing Center. Connect to PoliCO-Auth network. Go to Proxy conguration.

12

Figure 3: Smart Card or other Certicate Properties

Only for Windows 7 Referring to gure 1. Click on Advanced Settings button and congure the tab like the gure.

13

Proxy conguration

To surf the network you need to set the proxy inside the browser. In Firefox Linux select Edit Preferences Advanced. In Firefox Windows select Tool Options Advanced. Select Network tab.

Click on Settings congure it like in gure.

14

15