How to connect a Raspberry Pi to a WPA2 Enterprise Network

Rasberry Pi Model 3b+ and later.

We don’t currently have a method to do it without internet access. The best option for now is to take the device home and connect it to personal wifi. After it is connected following these instructions allows it to work with AU_WiFi.

 

When configuring AU_Wifi the Authentication method should be PEAP and the certificate path is /etc/ssl/certs/AddTrust_External_Root.pem

 

  1.  Install the needed packages with the following command:
    sudo apt install network-manager network-manager-gnome openvpn \
  2. Set the openvpn as the network manager
    openvpn-systemd-resolved network-manager-openvpn \ network-manager-openvpn-gnome
  1. Remove unneeded packages:

sudo apt purge openresolv dhcpcd5

  1. Replace /etc/resolv.conf with a symlink to /lib/systemd/resolv.conf :

sudo ln -sf /lib/systemd/resolv.conf /etc/resolv.conf

  1. Now go to the top of your screen and reconfigure the panel: open "Panel Settings" -> "Panel Applets": remove "Wireless & Wired Network". The network manager applet should appear after a  reboot.

 Set Date and Time.

 

Linux configuration (Au-WiFi)

  1. Click wireless icon and select "Edit Connections..."

    select edit connections
  2. Press the "Add" button.

    press add
  3. Select "Wi-Fi" from the connection type dropdown and press the "Create" button.

    select wi-fi and press create
  4. Enter the "Connection name" value Arbitrary. Select the "Wi-Fi" tab enter the "SSID" value AU_WiFi.

    Connection name = arbitrary; SSID = AU_WiFi
  5. Select the "Wi-Fi Security" tab and enter or choose the following values:
    1. Security: WPA & WPA2 Enterprise
    2. Authentication: Protected EAP (PEAP)
    3. CA certificate: AddTrust_External_Root.pem
      (file path: etc/ssl/certs)
    4. PEAP version: Automatic
    5. Inner authentication: MSCHAPv2
    6. Username: your-Auburn-username
    7. Password: your-Auburn-password
    8. You will also need to copy the certificate clearpass1.auburn.edu
    9. You can download all the certs from Here


      wi-fi security field entries
  6. Press the "Save" button.

 

This only works for Model 1-Model 3 (Model 3b+ this does not work).

 

tags: Auburn, Auburn University, WPA2, WPA2 Enterprise

Auburn University provides instructions to Ubuntu users on how to connect their hosts to the Auburn University WiFi Network.

Many Universities use WPA2 Enterprise authentication on their networks. This allow you to track WHO is connected where and have granular control over who's able to access the WiFi network.

For tinkerers and experimenters with Raspberry Pi, Particle Photon, and other embedded systems, this poses a problem because many simplier IoT devices do not support WPA2 Enterprise natively or not without some hassle.

Raspbian Jesse and earlier will display a WPA2 Enterprise network from its dropdown list, but it will be greyed out. The workaround is to manually connect to it:


Step 1:

Open Terminal or Command prompt.  Type in "sudo su".  
Enter the password you set up.  Default is blank.  

Linux does not show passwords as you type so don't worry if you don't see anything.

 

Step 2:

Edit the wpa_supplicant.conf file. Use your favorite editor such as nano or vi.

vi /etc/wpa_supplicant/wpa_supplicant.conf

Step 3:

Add the following to your wpa_supplicant.conf file. You will have to update the identity and password part to reflect your enterprise credentials.

network={
        ssid="AU_WiFi"
        # For hidden SSIDs
        scan_ssid=1
        mode=0
        key_mgmt=WPA-EAP
        pairwise=CCMP TKIP
        identity="XXXXXXXX"
        password="XXXXXXXX"
        phase1="peaplabel=0"
        phase2="auth=MSCHAPV2"
        }
		

Step 4:

Type in " :wq" to "w"rite the changes and "q"uit vi
Type in " exit" to exit su.
Type in " exit" to exit terminal

Step 5:

Reboot the PI, and AU_WiFi should connect.