Thread: [Kindle Touch] Support for Enterprise WPA
View Single Post
Old 02-21-2012, 05:52 AM   #11
matejs
Member
matejs plays well with othersmatejs plays well with othersmatejs plays well with othersmatejs plays well with othersmatejs plays well with othersmatejs plays well with othersmatejs plays well with othersmatejs plays well with othersmatejs plays well with othersmatejs plays well with othersmatejs plays well with others
 
Posts: 10
Karma: 2602
Join Date: Jan 2012
Device: Kindle Touch
Arrow Configuration for eduroam
Quote:
Originally Posted by nick-tech View Post
did anyone configure this for eduroam already?
Just did :-).

This is configuration for Eduroam at MFF UK, Czech Republic. (eduroam.cuni.cz).
It should work for other universities too. Tested on Kindle Touch 5.0.3 with package 1.2.

this is my eduroam.cfg:

Code:
ssid eduroam
scan_ssid 1
key_mgmt WPA-EAP
pairwise CCMP
group TKIP
eap PEAP
identity "12345678@cuni.cz"
password "****************"
anonymous_identity "@cuni.cz"
altsubject_match "DNS:radius1.eduroam.cuni.cz;DNS:radius2.eduroam.cuni.cz"
phase1 "peaplabel=0"
phase2 "auth=MSCHAPV2"
Change identity, password, anonymous_identity and radius servers.

Running 'iwlist scan' from your Kindle (or nearby Linux computer with WiFi) should give you the values for encryption ciphers (group, pairwise).

There seem to be multiple CA certificates used at different universities.
If you can't find those provided by your university, try one of the attached ones. UVT-89-version1-UTN (Terena CA) worked for me. Save the certificate as eduroam.pem .
Attached Files
File Type: txt AddTrust_External_CA_Root.txt (1.5 KB, 342 views)
File Type: txt UVT-89-version1-UTN.txt (1.6 KB, 316 views)
File Type: txt eduroamUS-cacert.txt (1.7 KB, 335 views)
Last edited by matejs; 02-29-2012 at 09:00 AM. Reason: removed = from anonymous_identity, added info about iwlist scan
matejs is offline   Reply With Quote