search

opendata-stuttgart / meta

Opendata Stuttgart organisiert und reguliert.
123 stars 19 forks source link

Wifi Connection with a WPA2 EAP-PSK network #84

Closed charliesz closed 6 years ago

charliesz commented 6 years ago

Hello everyone,

I try to connect my sensor to a network with WPA2 EAP-PSK (WPA2 Enterprise), so you do not have a single password, instead you have a personal user account with an individual username and a individual password. Neither I coud find a solution in the wiki nor in the _extdef.h file. I try to connect the sensor to the network of my university (RUB). Here is an example for a proper connection file:

network={
    ssid="eduroam"
    scan_ssid=1
    key_mgmt=WPA-EAP
    eap=TTLS
    anonymous_identity="anonymous@ruhr-uni-bochum.de"

    # identity settings:
    identity="LOGINID@ruhr-uni-bochum.de"
    password="PASSWORD"

    # path to CA certificate:
    ca_cert="/etc/ssl/certs/Deutsche_Telekom_Root_CA_2.pem"

#    phase2="auth=PAP" # INSECURE
    phase2="auth=MSCHAPV2" # LESS INSECURE

    proto=RSN WPA
    mode=0
    pairwise=CCMP TKIP
    group=CCMP TKIP

    # check correct certificate
    subject_match="/C=DE/ST=Nordrhein-Westfalen/L=Bochum/O=Ruhr-Universitaet Bochum/OU=Network Operation Center/CN=radius.ruhr-uni-bochum.de"
}

Information about the network

I'm happy about any helpful advise or a link to another website/contact.

Thank you Lukas

ricki-z commented 6 years ago

Our sensor doesn't support WPA2 EAP-PSK. This needs too much resources on the esp8266 to run stable.

charliesz commented 6 years ago

Thanks for your answer. I just found those two promising Links in github for my problem Link1 Link2. I will update my progress as soon I have time to experiment with the new information.

L0laapk3 commented 6 years ago

@charliesz have you gotten anything to work without generating a certificate in advance with a pc?

charliesz commented 6 years ago

Hey @L0laapk3 , so I'm absolutly new to networks, but if you mean being connected to "eduroam" without a certificate, yes kind of. In my android network settings I can ignore the certificate and still get access to the internet.

ricki-z commented 6 years ago

The software needs to process the certificate given by the hotspot. And this needs too much RAM, even if we ignore it (this means no vaalidation is done).

charliesz commented 6 years ago

Hey @ricki-z thanks for your help. You see I'm pretty lost with the internet connection. Is there (an easy =]) a way to replace the chip for example with a pi zero and use the script with only a few adaptions for the internet connection or do I have start a complete new project to get a sensor working in eduroam? Thank you for helping me

ricki-z commented 6 years ago

The ESP8266 and der Pi Zero use completely different cpus so there is no (easy) way to use our Arduino source code with 'only a few adaptions'. But there is a python script for Raspberries. You can find the link to this script here: http://luftdaten.info/faq/