Documents
Resources
Learning Center
Upload
Plans & pricing Sign in
Sign Out

User Guide

VIEWS: 8 PAGES: 25

									User Guide




Horw, 17. September 2008
Page 1/25


Wireless LAN Configuration
Horw, 17. September 2008
Page 2/25
User Guide - Wireless LAN Configuration


Change History
Version  Date                     Status            Changes & Comments                                                Edited by
1.0      13.10.05                 Draft             Document created                                                  Wup
1.1             17.09.07          Release           Amendments and corrections                                        Stc
2.0             11.10.07          Release           Modifications HSLU                                                Vor
2.1             24.10.07          Release           Amendments for Ubuntu 7.10                                        Stc
2.2             27.11.07          Release           Amendments for Mac OS X 10.5                                      Vor
2.3             11.02.08          Release           Amendment Password Change Portal                                  Mih
2.4             27.05.08          Release           Amendments for Ubuntu 8.04                                        Vor
2.5             17.09.08          Release           Amendments for extension in "Music"                               Stc
2.6             10.07.09          Release           Conversion Campus                                                 Wem
2.7             31.08.09          Release           Download and installation QuoVadis Certs Scp
2.8             04.02.10          Release           Anpassungen Linux (Suse & Ubuntu)        Mut


Table of Contents
1. Prerequisites .............................................................................................................................. 3
1.1. Hardware ................................................................................................................................ 3
1.2. Software ................................................................................................................................. 3
2. Coverage ................................................................................................................................... 4
3. Technical Information about the Infrastructure ......................................................................... 5
4. Code of Conduct ....................................................................................................................... 6
5. How the WLAN Works ............................................................................................................. 7
5.1. Operational Modes ................................................................................................................. 7
5.2. Variable Connection Quality .................................................................................................. 7
6. Installation ................................................................................................................................ 8
6.1. Brief Overview....................................................................................................................... 8
6.2. Installation in General ............................................................................................................ 8
6.3. Download and Installation Certificates .................................................................................. 8
6.4. Creating a Profile under Windows XP.................................................................................... 8
6.5. Creating a Profile under Windows Vista .............................................................................. 13
6.6. Create profile for Mac OS 10.4 (Tiger) ................................................................................ 17
6.7. Create profile for Mac OS 10.5 (Leopard) ............................................................................ 19
6.8. Creating a Profile under Linux ............................................................................................. 22
6.8.1. Suse Linux 9.3 ................................................................................................................... 22
6.8.2. Ubuntu 7.10 / 8.04 ............................................................................................................. 22
6.9. Next steps ............................................................................................................................ 24
6.9.1. Changing your password ................................................................................................... 24
7. Support.................................................................................................................................... 24
8. FAQ ........................................................................................................................................ 25
Horw, 17. September 2008
Page 3/25
User Guide - Wireless LAN Configuration


1.   Prerequisites

1.1. Hardware
Many new notebooks already have integrated WLAN cards that are compatible with the WLAN at
HSLU.

The following conditions apply:
- The notebook should be WiFi-capable.
   The Wi-Fi Alliance organisation tests relevant components in line with its own guidelines.
   Products that pass this test are awarded the Wi-Fi certificate and are therefore eligible to carry
   the Wi-Fi logo:




-    The IEEE 802.11b (11Mbps) and IEEE 802.11g (54Mbps) standards are supported at Lucerne
     University of Applied Sciences and Arts. Many new WLAN cards even support all three current
     standards (802.11a/b/g).
-    WPA is a WLAN encryption method which supports the new features for secure data transmission
     and network access.

     Only WLAN cards that are WPA2-capable are supported at HSLU.

     In the case of privately owned notebooks (student notebooks) it is very easy to find out whether the
     notebook is WPA2-capable.
     At http://public.hslu.ch there is a brief guide that explains how to find out if one's notebook is
     WPA2-capable.
     All notebooks belonging to employees and teaching staff at Lucerne University of Applied Sciences
     and Arts support the WPA2 standard.

1.2. Software
Windows XP Professional SP2, Mac OS 9.0 & OS X and various kinds of Linux.
For all other operating systems it is necessary to find out whether the relevant drivers are available for the
WLAN cards.
Horw, 17. September 2008
Page 4/25
User Guide - Wireless LAN Configuration


2. Coverage
WLAN reception is possible in the following locations:

Social Work, Werftestrasse 1, Lucerne:
    Ground floor:    Auditorium and foyer entrance
    1st floor:       Entire floor and internal arena

Social Work, Inseliquai 12b, Lucerne:
    Ground floor:     Foyer entrance
    1st floor:        Entire floor and lecture theatre

Engineering & Architecture, Technikumsstrasse 21, Horw:
    Block 1:         Level B
    Block 2:         C232, classrooms on levels E and F
    Block 3:         B330, B332, B332b, B332c, classrooms and laboratories on level C, level D
                     excluding D311, classrooms on levels E and F
    Block 4:         Level C, Dr. Josef Mäder Room, all of levels E and F
    Block 5:         Level D (excluding the kitchen), Physics lecture theatres, levels E and F
    Pavilion 1:      Entire building

Business, Zentralstrasse 9, Lucerne:
    Ground floor:      Reception
    Mezzanine:         Entire exhibition space
    1st – 4th floor:   Entire level, all classrooms and offices
     th
    5 floor:           Refectory area, 5.16, 5.18, excluding terrace

Business, Rösslimatte 48, Lucerne:
    Ground floor:     Entire level
     st
    1 floor:          Entire level
    2nd floor:        Entire level

Business, Grafenau, Zug:
    Grafenau 8:      Entire level
    Grafenau 10:     Entire level
    Grafenau 12:     Entire level

Art & Design, Rössligasse 12, Lucerne:
    Rössligasse 12: Entire building

Art & Design, Sentimatt 1, Lucerne:
    Sentimatt 1:     Entire building

Art & Design, Baselstrasse 61, Lucerne:
    Baselstrasse 61: Entire building

Music, Zentralstrasse 18, Lucerne:
    3rd floor:        Entire level
    4th floor:        Entire level
Horw, 17. September 2008
Page 5/25
User Guide - Wireless LAN Configuration


Music, Obergrundstrasse 9/13, Lucerne:
    Obergrundstrasse 9:    Entire building excluding cellar
    Obergrundstrasse 13: Entire building

Music, Grabenstrasse, Mariahilfgasse, Lucerne:
    2nd floor:        Corridor
    3rd floor:        Entire level
     th
    4 floor:          Entire level
    5th floor:        Entire level

Music, Süesswinkel, Lucerne:
    Süesswinkel:     Entire building

Music, Dreilindenstrasse 93, Lucerne:
    Main building:                Entire building excluding cellar
    Business premises:            Entire building

Lucerne University of Applied Sciences and Arts, Frankenstrasse 7/9, Lucerne:
    2nd floor:        Entire level
    3rd floor:        Entire level
    4th floor:        Entire level


3. Technical Information about the Infrastructure
- Wireless standard: IEEE 802.11b/g in the 2.4GHz band
- Data speed per AP:
   in the case of 802.11b max. 11Mbps gross
   in the case of 802.11g max. 54Mbps gross

    However, this only applies in the case of one client per cell and within a short distance of the
    access point (a few metres). If the distance is greater and/or if there is more than one user per cell
    the individual data speed – and in some cases also the overall speed – will be reduced.

    Wireless signal strength: between 1mW (small rooms) to 50mW (large areas). In most places the
    signal strength will be no more than 5mW.

-   IP addresses: assigned via DHCP (dynamically)
-   Roaming: the entire wireless network is based on Layer 3 roaming
-   Max. no. of users per cell: 30
-   Authentication: PEAP
Horw, 17. September 2008
Page 6/25
User Guide - Wireless LAN Configuration


4. Code of Conduct
Misuse of network access is strictly prohibited.
The provisions of the User Regulations for the IT facilities of Lucerne University of Applied
Scienses and Arts apply. These can be found at: http://hotline.hslu.ch.

In particular:
- Attempted or actual infiltration of other systems for which the user is not authorized.
- Attacks on systems with the aim of blocking them or destroying data.
- Attempts to access data for which the user is not authorized.
- Distribution of viruses, malware or spam.
    If this is detected on a device, access to the network will be blocked by the IT Services unit
    without further notice.
- General misuse of the network that abuses the good faith of users.
- Any breach of the law or disregard for the rights of others.
- Under no circumstances may a user device (e.g. notebook) attached to the Lucerne University of
    Applied Sciences and Arts network be configured to act as a server. The network is not designed
    for this purpose and could be disrupted.
- The systems must be kept up-to-date with all the security patches recommended by the
    software provider.
- A good virus scanner must be set up in such a way that all files are continuously checked using
    the current version of the virus descriptions.
- The IT Services unit can monitor system maintenance and the activities of both viruses and
    hackers.
- Every authentication of a user on the Lucerne University of Applied Sciences and Arts network
    is logged. In the event of breaches of the regulations, Lucerne University of Applied Sciences and
    Arts can take disciplinary measures and may resort to civil or criminal prosecution.
- On private, borrowed and public computers it is possible thanks to ‘cached credentials’ to
    access all the resources (network drives, printers etc.) that the user has accessed in the past
    without having to go through the authentication process again.
    However, this entails the risk that third parties could access the user’s personal resources by
    means of the cached credentials.
Horw, 17. September 2008
Page 7/25
User Guide - Wireless LAN Configuration


5.   How the WLAN Works

5.1. Operational Modes
The access point provides the clients with access to the fixed network.

The 802.11b/g standard provides 3 non-overlapping frequency channels. In other words, it is
possible to operate three access points in close proximity to one another. This setup will work well
even though the areas covered by the access points overlap. The 802.11a standard offers 8 channels.
The wireless card itself selects the channel that it wants to use; users do not have to concern
themselves with the various frequencies. They need only specify the network that they want to
connect to. This is the so-called Service Set Identification (SSID). A wireless network propagates
itself using this SSID.

Lucerne University of Applied Sciences and Arts uses the following 2 SSIDs:
public for public access
hslu     for the use of teaching staff, employees and students

A range of sub-networks (zones) are used within SSID “hslu”. This means that these zones are
discrete. However, each zone has access to additional resources zones.

Example:
Students are assigned to the “Students” zone. From this zone they have access to the resources of
Central Services but not to the zones or resources of employees or teaching staff.

The AAA server uses the user’s login information to decide which zone he or she belongs to.
The network with SSID ‘public’ is designated as a so-called transfer network. Any user can connect
to this SSID without encryption or identification. From this zone, users can connect to internet
address http://hotline.hslu.ch and download information, documents and software. This SSID
can also be used to access selected web services like ILIAS, webmail or the Lucerne University of
Applied Sciences and Arts website.
The IT Services unit of Lucerne University of Applied Sciences and Arts can grant temporary access
to the internet or the SWITCHMobile network.

5.2. Variable Connection Quality
The quality of any connection is determined by the distance between the WLAN client and the
access point and by any obstacles between the two. The greater the distance, the lower the connection
quality and the data transfer rate. People, plants, walls and metal objects all reduce the strength of the
signal and affect the range and data speed.
Other signal sources that operate on the same frequency (e.g. microwave ovens, wireless mice,
Bluetooth devices like mobile phone headsets, or other access points) may disrupt the signal.
WLAN is a so-called ‘shared medium’; in other words, the bandwidth is shared. The maximum data
speed of an access point is shared among all the clients that are connected to it. The more users that
are sending and receiving data at the same time, the less bandwidth is available to each user.
Horw, 17. September 2008
Page 8/25
User Guide - Wireless LAN Configuration


6.   Installation

6.1. Brief Overview
SSID:                               hslu
Network authentication:             WPA2
Encryption:                         AES
Authentication:                     IEEE 802.1x
EAP type:                           PEAP
Authentication method:              MSCHAP v2
Login:                              by means of the login information

Fingerprint of the server certificate of ias01.hslu.ch and ias02.hslu.ch (Subject Alternative Name):
86 b8 b8 24 22 81 e4 53 ad 0f aa f1 cb b4 25 3a 0d 2d ca f6

6.2. Installation in General
The drivers for a built-in notebook wireless card are generally installed by the operating system
itself. If the card is not recognised, the driver supplied by the manufacturer will have to be installed. The
manufacturer usually supplies an installation guide for this purpose.


6.3. Download and Installation Certificates
With some installations of Windows XP or Windows Vista, it can occur that before the WLAN-
configuration the safety certificates must be installed by QuoVadis. For downloading these
certificates visit:
http://hotline.hslu.ch/h-pre-service_angebot/h-pre-wlan.htm


6.4. Creating a Profile under Windows XP
The settings for the WLAN card can either be made directly in the operating system or by means of a tool
provided by the manufacturer.
For the sake of simplicity we normally use the operating system. In this case ‘Windows zum
Konfigurieren der Einstellungen verwenden’ [Use Windows to configure the settings] must be ticked
under wireless connections/networks. The installation steps on the following pages are explained
with reference to wireless management as implemented in Windows.

                                                             To reach option ‘Eigenschaften von
                                                             Drahtlosnetzwerkverbindungen’ [Properties of
                                                             wireless network connections] click on ‘Start’
                                                             [Start] ‘Einstellungen’ [Settings]
                                                             ‘Netzwerkverbindungen’ [Network
                                                             connections].
Horw, 17. September 2008
Page 9/25
User Guide - Wireless LAN Configuration


                                          Then after the user selects ‘Drahtlose
                                          Netzwerkverbindung’ [Wireless network
                                          connection] the available wireless networks
                                          are displayed.




                                          Select ‘Erweiterte Einstellungen ändern’
                                          [Update extended settings] in the related
                                          tasks.




                                          In the properties of the wireless network
                                          connection go to tab ‘Drahtlosnetzwerke’
                                          [Wireless networks].
Horw, 17. September 2008
Page 10/25
User Guide - Wireless LAN Configuration


                                          The option ‘Windows zum Konfigurieren der
                                          Einstellungen verwenden’ [Use Windows to
                                          configure the settings] can then be selected.




                                          A new network can be added by clicking on
                                          ‘Hinzufügen…’ [Add].




                                          The SSID is ‘hslu’. Set network
                                          authentication to ‘WPA2’ and encryption to
                                          ‘AES’.
Horw, 17. September 2008
Page 11/25
User Guide - Wireless LAN Configuration


                                          In tab ‘Authentifizierung’ [Authentication]
                                          select option ‘Als Computer
                                          authentifizieren, wenn
                                          Computerinformationen verfügbar sind’
                                          [Authenicate as computer if computer
                                          information is available] and press button
                                          ‘Eigenschaften’ [Properties].




                                          The user must specify ‘QuoVadis Root CA
                                          2’ as the trusted certification authority in
                                          the properties for protected EAP.

                                          Select ‘Sicheres Kennwort (EAP-MSCHAP
                                          v2)’ [Secure password (EAP-MSCHAP v2)] as
                                          the authentication method.

                                          Then click on ‘Konfigurieren…’ [Configure]
                                          to open another properties window.




                                          Employees and teaching staff who are logged
                                          in using their user account should tick this
                                          box.

                                          Students should untick this option. They
                                          will be asked to enter their login
                                          information at a later stage.
Horw, 17. September 2008
Page 12/25
User Guide - Wireless LAN Configuration


                                          After confirming the configuration and closing
                                          the two windows, select option ‘Verbindung
                                          herstellen, wenn das Netzwerk in Reichweite
                                          ist’ [Establish connection if the network is
                                          in range] in tab ‘Verbindung’ [Connection].

                                          Now close all the windows by clicking on
                                          ‘OK’ and the profile has been created.



                                          Windows now attempts to connect. After a
                                          short time a message is displayed at the
                                          bottom right; click on it.




                                          The status window can be closed again.
Horw, 17. September 2008
Page 13/25
User Guide - Wireless LAN Configuration


                                                An input screen now appears in the
                                                background. Here the user enters the relevant
                                                user data and presses ‘OK’. Windows then
                                                establishes the connection.
                                                If the login is successful, the system
                                                displays the SSID (‘hslu’) at the bottom right
                                                as well as information about signal strength.

                                                Please note:
                                                This window is not displayed if you are
                                                logged in on your notebook using the
                                                Lucerne University of Applied Sciences and
                                                Arts domain account.




6.5.   Creating a Profile under Windows Vista
                                                Now right-click on the network icon.




                                                From the menu select ‘Verbindung mit einem
                                                Netzwerk herstellen’ [Establish connection
                                                with a network].




                                                Left-click on the ‘hslu’ wireless network
                                                and then on ‘Verbindung herstellen’
                                                [Establish connection].
Horw, 17. September 2008
Page 14/25
User Guide - Wireless LAN Configuration


                                          Then click on option ‘Zusätzliche
                                          Anmeldeinformationen eingeben oder
                                          auswählen’ [Enter or select additional login
                                          information]…




                                          …and then enter the user data as described.




                                          Then select option ‘Zusätzliche
                                          Anmeldeinformationen eingeben oder
                                          auswählen’ [Enter or select additional login
                                          information] again and confirm the server
                                          certificate check by clicking on ‘OK’.




                                          The connection is then established
                                          automatically.




                                          Finally the user must store the details of this
                                          network by clicking on ‘Close’.
Horw, 17. September 2008
Page 15/25
User Guide - Wireless LAN Configuration


 If you subsequently want to review or change the properties of the ‘hslu’ connection, please
 proceed as follows:

                                                       Select option ‘Systemsteuerung’ [Control
                                                       Panel] from the Start menu.




                                                       The following path will take you to the
                                                       wireless network management function:
                                                       ‘Systemsteuerung ‘ – ‘Netzwerk und
                                                       Internet’ – ‘Netzwerk- und Freigabecenter’
                                                       [Control Panel – Network and Internet –
                                                       Network and Release Centre].

                                                       Then select ‘Drahtlosnetzwerke verwalten’
                                                       [Manage wireless networks].
                                                       Right-click on the network connection to
                                                       show its properties.




                                                       The ‘Einstellungen…’ [Settings] button in
                                                       tab ‘Security’ takes you to the properties for
                                                       protected EAP.
Horw, 17. September 2008
Page 16/25
User Guide - Wireless LAN Configuration


                                          Here you can see both the trusted certificate
                                          (QuoVadis Root CA 2) and the
                                          authentication method.
                                          This should be set to ‘Gesichertes Kennwort
                                          (EAP-MSCHAP v2)’ [Secure password (EAP-
                                          MSCHAP v2)].
                                          You can now define the settings for the
                                          authentication method by clicking on
                                          ‘Konfigurieren…’ [Configure].




                                          Employees and teaching staff who are logged
                                          in using their Lucerne University of Applied
                                          Sciences and Arts user account should tick
                                          this box.

                                          Students should untick this option. They
                                          will be asked to enter their login
                                          information at a later stage.
Horw, 17. September 2008
Page 17/25
User Guide - Wireless LAN Configuration


6.6. Create profile for Mac OS 10.4 (Tiger)
The following configuration instructions are based on Mac OS X 10.4 Tiger. There may be small
differences from one version to another.
                                                       Via the wireless icon at the top right of the
                                                       screen select menu option ‘Internet-
                                                       Verbindung öffnen’ [Open internet
                                                       connection].




                                                        This launches the network management
                                                        program. Start the wizard by clicking on menu
                                                        option ‘Ablage’ – ‘Neue 802.1X-
                                                        Verbindung…’ [Save – New 802.1X
                                                        connection…].




                                                        Then select menu option ‘Konfiguration
                                                        bearbeiten…’ [Edit configuration…].




                                                        You can choose any description you like.
                                                        The connection is shown at the left.
                                                        The user name is ‘campus\username’.
                                                        The wireless network must be ‘hslu’ and
                                                        ‘PEAP’ must be activated.
Horw, 17. September 2008
Page 18/25
User Guide - Wireless LAN Configuration


                                          Once the settings have been saved, the
                                          connection can be established.
                                          The current status can be seen at the bottom of
                                          the window.




                                          When a connection is established for the first
                                          time, the Mac OS requires the user to confirm
                                          it explicitly because it does not automatically
                                          recognise the certificate as ‘trusted’.


                                          The certificate from QuoVadis Root CA 2
                                          can be marked as ‘Immer vertrauen’
                                          [Always trust]. In this case the request for
                                          confirmation will no longer be displayed.
Horw, 17. September 2008
Page 19/25
User Guide - Wireless LAN Configuration


6.7. Create profile for Mac OS 10.5 (Leopard)
The following configuration instructions are based on Mac OS X 10.5 Leopard. There may be small
differences depending on the actual version and the installed patches.

                                                     Via the wireless icon at the top right of the
                                                     screen select menu option
                                                     ‘Systemeinstellung „Netzwerk“ öffnen …’
                                                     [Open system setting “Network”…].




                                                     In the adapter list on the left select wireless
                                                     adapter ‘AirPort’ and activate it.
                                                     Then press the ‘Weitere Optionen …’
                                                     [Other options…] button to go to the
                                                     options.




                                                     The preferred networks are listed under
                                                     ‘AirPort’. A new network can be added by
                                                     clicking on ‘+’.
Horw, 17. September 2008
Page 20/25
User Guide - Wireless LAN Configuration


                                          First enter the following parameters:
                                          - Netzwerkname [Network name]: hslu
                                          - Sicherheit [Security]: ‘Firmenweiter
                                              WPA2‘
                                          - Benutzername [User name]: Your user
                                              name
                                          - Kennwort [Password]: Your password
                                          - 802.1X: ‘Automatisch’

                                          Save the settings by clicking on ‘Hinzufügen’
                                          [Add].



                                          Then you have to go to tab ‘802.1X’.

                                          Select ‘Benutzer’ [User] from the Domain
                                          drop-down list.
                                          Please note that this list is only active if the
                                          802.1x login is deactivated.

                                          A new configuration with the following
                                          parameters must now be added by clicking on
                                          the ‘+’ button.
                                          - Benutzername [User name]: Your user
                                               name
                                          - Kennwort [Password]: Your password
                                          - Wireless network: hslu
                                          - Identification: PEAP

                                          Save the settings by clicking on ‘OK’.
                                          After this the Mac OS X 10.5 should
                                          automatically start to establish the connection.

                                          You can see whether this has been
                                          successful by checking that the connection
                                          status is ‘Identifiziert’ [Identified] and that the
                                          protocol is ‘MSCHAPv2’.
Horw, 17. September 2008
Page 21/25
User Guide - Wireless LAN Configuration


                                          As soon as the connection has been
                                          established for the first time the certificate
                                          query shown on the left is displayed.

                                          In order to prevent this being displayed every
                                          time you can set the certificate to ‘Always
                                          trust’.




                                          Please note:
                                          There is a known problem in that the
                                          connection may not be properly re-
                                          established after a restart or wake-up. This
                                          bug should be fixed in a future release.
                                          However, it is possible to deactivate and
                                          reactivate AirPort manually.
Horw, 17. September 2008
Page 22/25
User Guide - Wireless LAN Configuration


6.8. Creating a Profile under Linux
Since there are various Linux distributions, it is up to the user to procure the relevant additional
software and drivers so that a connection can be established with Lucerne University of Applied
Sciences and Arts' wireless network. The parameters to be used can be seen in Chapter 6.1. We are
prepared to publish functioning configuration files on our website.
The IT Services unit of Lucerne University of Applied Sciences and Arts is aware of two functioning
configurations which look as follows:

6.8.1. Suse Linux 9.3
Configuration file for WLAN connection under Suse Linux 9.3:
ctrl_interface=/var/run/wpa_supplicant
network={
   scan_ssid=1
   ssid="hslu"
   key_mgmt=WPA-EAP
   eap=PEAP
   identity="campus\max.muster"
   password="xxxxxxx"
   phase1="peaplabel=0"
   phase2="auth=MSCHAPV2"
}

For this you need the Linux WPA/WPA2/IEEE 802.1X supplicant which you can download from
http://hostap.epitest.fi/wpa_supplicant.

You will also need to add an entry for certificate "QuoVadis Root CA 2":


6.8.2. Ubuntu 7.10 / 8.04
Please note: The following instructions were created under the ‘Gnome’ desktop environment. This
means that under other environments the windows may look different and/or the settings may be in a
different place. A successfully installed driver for the relevant WLAN card is also necessary.

We recommend that you install the latest version of Ubuntu (i.e. Version 8.04). Occasional WLAN
connection interrupts were sometimes experienced at Lucerne University of Applied Sciences and Arts
when the earlier version (7.10) was in use.

After Ubuntu 7.10 or 8.04 has been installed, the ‘ndiswrapper’ (for using Windows drivers under
Linux) should already be installed, as should the ‘wpa_supplicant’ and the required CA certificates.
If this is not the case, this can be remedied with the help of the ‘Synaptic Package Manager’ (which
can be found under ‘System’ – ‘Administration‘– ‘Synaptic Package Manager‘) or via the shell, as shown
below:


CA certificates:
ubuntu@ubuntu:~$ sudo apt-get install ca-certificates

Network Manager:
ubuntu@ubuntu:~$ sudo apt-get install network-manager-gnome
Horw, 17. September 2008
Page 23/25
User Guide - Wireless LAN Configuration



After the installation the network manager icon appears in the toolbar:    .

                                                        Right-click on the   icon and from the
                                                        menu select ‘Mit einem anderen
                                                        Funknetzwerk verbinden...’ [Connect to
                                                        another wireless network…].




                                                        A small configuration window is then
                                                        displayed. Under ‘WPA2 Enterprise’ select
                                                        ‘Sicherheit des drahtlosen Netzwerks’
                                                        [Security of the wireless network].




                                                        Other fields are then displayed automatically.
                                                        Make the following settings:
                                                        - EAP-Methode [EAP method]: PEAP
                                                        - Schlüsseltyp [Key type]: AES
                                                        - Phase2-Typ [Phase2 type]:
                                                            MSCHAPV2
                                                        - Identität [Identity]: Your user name
                                                        - Passwort [Password]: Your password

                                                        Then click on ‘Verbinden’ [Connect] to
                                                        establish the connection.

                                                        Ubuntu will automatically select CA
                                                        certificate file ‘QuoVaids Root CA2.pem’
                                                        (which can be found in /etc/ssl/certs) when
                                                        establishing the connection.
                                                        If the connection is not successfully
                                                        established, please check this and enter it
                                                        by hand if necessary.
Horw, 17. September 2008
Page 24/25
User Guide - Wireless LAN Configuration


6.9. Next steps
You are now connected to the intranet network.
The following website contains information on how to select printers or connect to network drives
for example: http://hotline.fhz.ch.

Please note:
On private, borrowed and public computers it is possible thanks to ‘cached credentials’ to access all
the resources (network drives, printers etc.) that the user has accessed in the past without having to
go through the authentication process again. However, this entails the risk that third parties could
access the user’s personal resources by means of the cached credentials.

6.9.1. Changing your password
WLAN access to the HLSU network and to the data is controlled by your personal account
information. When you connect to the HSLU network via the WLAN for the first time you must – for
security reasons – change your initial password:

-   Connect via the WLAN to SSID 'Public' (no access data or special settings are required to connect to
    this zone).
-   Launch an internet browser (e.g. Internet Explorer or Firefox) and go to page:
    http://hotline.hslu.ch
-   Select menu option: Kennwort ändern [Change password]
-   Enter user name, the initial password and your new password.


7. Support
Support is available at: http://hotline.hslu.ch or by e-mail: informatikhotline@hslu.ch
or by phone: 041 349 39 99
 (‘Business’ and ‘Engineering & Architecture’ internal no.: 999)
Horw, 17. September 2008
Page 25/25
User Guide - Wireless LAN Configuration


8. FAQ
Q: Why is the connection to "HSLU-WLAN" no longer automatically established when I’m in the
   reception area?
A: This only happens automatically if profile option "Verbindung herstellen, wenn Netzwerk in
   Reichweite ist" [Establish connection if network is in range] (see Page 13) has been specified.
   Please check this setting.
   - If this settings has been correctly specified and the connection is still not established, go to
        window ‘Drahtlosnetzwerk auswählen’ [Select wireless network] and try to connect
        manually to the SSID that you have set up.
   - If there is no list of networks from which you can choose, there may be something wrong with
        your network card. Are you certain that it’s switched on?
Q: I’ve checked all the settings as specified in the guide and I’m still unable to connect.
   Check the system date and time on your notebook.
A: If the date is wrong, the certificate will not be accepted.

     Please also check to see if your notebook has a switch that turns your WLAN card on and off:

								
To top