Hello. I have a question related to WAP enterprise on Android. Basically, my employer has detailed instructions on how to connect to the building wifi via BlackBerry or iphone but sadly not Android. I was wondering if there is a workaround or hack for this that would enable me to connect using either BB or iphone settings. I downloaded WiFi Advanced from the Market but I haven’t been able to figure out what to fill in what field ( I do see checkboxes for LEAP and WPA Enterprise mentioned below but no proxy field). Any tips using this app or another solution is appreciated! These are the settings I need to enter:
BlackBerry:
Setup Wifi Network: Office network name (appears as WPA Enterprise)
Select LEAP as security type
Enter username and password (which I have)
Connect to network
Manage connections , choose Enterprise Subtype as LEAP
Enter username and password (which I have)
Iphone:
Enter Wifi settings, tap Other
Enter network name, tap Security
Choose WPA Enterprise for security
Enter username and password (which I have)
Connect to network
Tap blue arrow next to network name and tap Auto under proxy
Enter proxy URL
So one uses LEAP and the other one asks me for a Proxy so I am not sure which one might work for my Samsung Galaxy S2 using Wifi Advanced app from the Market.
NOTE: I am able to create the network and it shows as connected but no internet access, its says WPA_EAP IEEE8021X below the name, but dont know how to take it from there in Wifi Advanced to complete the setup as per above .
Any help is appreciated!!!!!!
I have exactly the same problem. Any ideas?
erkan79 said:
I have exactly the same problem. Any ideas?
Click to expand...
Click to collapse
This thread is pretty old, but I don't see any reply to this problem so I thought to share solution that worked for me.
As per your description "Garoto1973" your network connection didn't establish. It failed while authenticating. You may find below steps useful.
I was able to connect to my companies PEAP network by using following configurations. Please note that I am using adb to modify wifi settings so your phone should be rooted.
1- Connect your phone to your PC.
2- Pull wpa_supplicant.conf file to your machine for editing:
adb pull /data/misc/wifi/wpa_supplicant.conf
3- Edit wpa_supplicant.conf file adding this configuration for your network:
network={
ssid="<YOUR_NETWORK_NAME>"
scan_ssid=1
proto=WPA
key_mgmt=IEEE8021X
pairwise=TKIP
group=TKIP
auth_alg=OPEN
eap=PEAP
identity="<DOMAIN\IDENTITY>"
password="<YOUR_PASSWORD>"
phase2="auth=MSCHAPV2"
eapol_flags=2
}
Note that "eapol_flags=2" is very important or connection fails for me with error "W/wpa_supplicant(27862): EAPOL: Failed to set WEP key to the driver."
4- Replace wpa_supplicant.conf on your mobile with the modified file:
adb push wpa_supplicant.conf /data/misc/wifi
5- Reassign user and group for wpa_supplicant file:
adb shell chown 1010 /data/misc/wifi/wpa_supplicant.conf
adb shell chgrp 1010 /data/misc/wifi/wpa_supplicant.conf
6- Restart wifi and it should connect
hello, not sure if it will help.
try to use aplication LEAP WIFI free from the market. With this app I am able to connect to my corporate network
Related
This mod take a couple of minutes to complete and allows for PEAP wifi connections. Requires root access and ADB knowledge.
I AM NOT RESPONSIBLE FOR ANY ISSUES YOU CREATE WITH THIS. IT IS A ROUGH GUIDE AND WORKS FOR ME. DO AT OWN RISK.
Tutorial For Adding LEAP/PEAP Wifi
1. Open Command prompt window in Windows.
2. Go to your directory that you have Android SDK in.
3. Change directory to Tools. So for eg. C:\Android\Tools
4. Type in adb devices. You should see your device. If not install ADB driver. Google it.
5. Type in adb pull /data/misc/wifi/wpa_supplicant .conf c:\wpa_supplicant.conf
6. This stores wpa_supplicant.conf on your C: drive.
7. Open file with wordpad.
8. Add the following to the files:
for PEAP add this code:
network={
ssid="Your SSID"
key_mgmt=WPA-EAP
identity="Your Username"
password="Your Password"
}
for LEAP use this:
network={
ssid="Your SSID"
scan_ssid=1
key_mgmt=IEEE8021X
auth_alg=OPEN SHARED LEAP
eap=LEAP
identity="Your Identity"
password="Your Password"
}
9. Save the file.
10. Type push c:\wpa_supplicant.conf /data/misc/wifi/wpa_supplicant .conf
11. Now the important part. If you miss this your wifi will not work after reboot.
12. Type adb shell
13. Should get # prompt.
14. Type su.
15. Type cd /data/misc/wifi
16. Type chown 1010 wpa*
17. Type chgrp 1010 wpa*
18. Close command prompt window and enjoy LEAP/PEAP wifi.
What is the difference between the two?
A question that might help the unacknowledged
EAP and LANs
EAP originated with the dial-up PPP protocol in order to support protocols beyond PAP and CHAP. For use on packet networks, EAP Over LAN (EAPOL) was created. EAPOL added new message types and allowed an Ethernet header to be prefixed onto EAP messages so they could be transmitted via Ethernet. Following are various EAP methods used mostly in wireless networks, but also in wired networks. See 802.1X, WPA and 802.11i.
EAP-TLS (EAP-Transport Layer Security)
Uses the handshake protocol in TLS, not its encryption method. Client and server authenticate each other using digital certificates. Client generates a pre-master secret key by encrypting a random number with the server's public key and sends it to the server. Both client and server use the pre-master to generate the same secret key.
EAP-TTLS (EAP-Tunneled TLS)
Like EAP-TLS above except only the server has a certificate to authenticate itself to the client first. As in EAP-TLS, a secure connection (the "tunnel") is established with secret keys, but that connection is used to continue the authentication process by authenticating the client and possibly the server again using any EAP method or legacy method such as PAP and CHAP.
PEAP (Protected EAP)
Similar to EAP-TTLS above except it does not support legacy methods. It only moves EAP frames. Windows XP natively supports PEAP.
LEAP (Light EAP, Cisco LEAP)
From Cisco, first implementation of EAP and 802.1X for wireless networks. Uses preshared keys and MS-CHAP protocol to authenticate client and server to each other. Server generates and sends session key to access point. Client computes session key independently based on data received in the CHAP challenge.
EAP-FAST
(EAP-Flexible Authentication via Secure Tunneling)
Enhancement to LEAP from Cisco that provides an encrypted tunnel to distribute preshared keys known as "Protected Access Credential" (PAC) keys. PAC keys may be continuously refreshed to prevent dictionary attacks. EAP-FAST is defined in Cisco's Cisco Compatible Extensions (see CCX).
EAP-SIM (GSM Cellphones)
For GSM phones that switch between cellular and Wi-Fi networks, depending on which is in range. The Subscriber Identity Module (SIM) smart card in the GSM phone (see GSM) contains the secret key used for challenge/response authentication and deriving session keys for encryption.
Click to expand...
Click to collapse
Source:www.pcmag.com/encyclopedia_term
thanks
Thanks for the help clarifying that for peoples.... its finally great to be able to use the WiFi at school... would be nice to implement it automatically, I can't write the code.... but if anyone would like too it would really add to the community....
Maybe I'm misunderstanding this but i know when i try to use LEAP at school, it already has options and what not for it on my phone, none of this is necessary for me
I know with my school which is (PEAP) you couldn't input a username just a password! so if you are having troubles connecting to a LEAP or PEAP connection this is a way to workaround and get it working. If you can already connect don't worry about it! this is for those who cant connect and get crappy data in class! haha
Does this work with MS-CHAP ? How do I define it?
Thanks!
MS-CHAP already works out of the box. At least I can connect at work with PEAP, MS-CHAPv2. Could be a CM 5 thing though.
Thanks for posting this! while it did not directly solve my problem, it made me redouble my efforts to get on my company's wlan with my N1. I have tried this many times over the years with various phones including UIQ3, WM6 and never got anywhere. I always assumed that there was some sort of certificate or windows domain stuff going on.
So this morning I did a wireshark trace and put my laptops drivers into debug logging to find out how my laptop connects.
A bit of googling for the stuff I found enabled me to get a working supplicant.conf on the third attempt and I am amazed!
Appear to be using WPA2 Enterprise with EAPOL LEAP with CCMP encryption on Cisco access points.
Here is the network part of my wpa_supplicant.conf in case it helps anyone:
network={
ssid="SSID"
scan_ssid=1
key_mgmt=WPA-EAP IEEE8021X
auth_alg=SHARED LEAP
group=CCMP
eap=LEAP
identity="DOMAIN\User"
password="Password"
}
maedox said:
MS-CHAP already works out of the box. At least I can connect at work with PEAP, MS-CHAPv2. Could be a CM 5 thing though.
Click to expand...
Click to collapse
Doesn't work for me on stock rom.
What works for PEAP with MSCHAPv2 in my school is:
network={
ssid="<ssid>"
scan_ssid=1
key_mgmt=IEEE8021X
eap=PEAP
identity="<userid>"
password="<password>"
phase2="auth=MSCHAPV2"
priority=2
}
(Previously posted on my blog at http://zitseng.com/archives/2729)
It works, Thanks!
There's a way of doing that without root access:
code.google.com/p/android/issues/detail?id=1871
Step 16 17
when i type
16. Type chown 1010 wpa*
17. Type chgrp 1010 wpa*
i get the error:
"no such user '1010'"
"chgrp: not found"
what is it mean?
Is there anything I may have done wrong?
tanks
Doesn't work for me for some reason. Do you think having CM6 RC3 would make a difference? Not that I could see it doing so.
I've tried a few of the above suggestions but none work for me
The worst thing is it worked fine before I updated my Nexus One to FroYo!
my current settings for the uni are:
network={
ssid="UoN-secure"
key_mgmt=WPA-EAP IEEE8021X
eap=PEAP
identity="username"
password="password"
phase2="auth=MSCHAPV2"
}
Any help would be appreciated
The problem I am having is that it will not keep the Phase 2 auth - MSCHAPV2 setting when I set it up. Every time I go back into the ssid settings (modify network) it has reverted back to "none". However the information above was pulled from the phone so it obviously is storing the MSCHAPV2 setting, just doesn't seem to be using it!
actually cm6 rc3 should have support for Leap/PEAP i have been using it for a while without this hack.... what type of connection are you trying to connect too?
Mark here.
Thanks in advance for any help offered.
Searched around here and elsewhere since last year & can't find a solution. (please don't copy whole message in reply)
Ideal solution either: 1. Able to store/save settings and password so it does not need to be entered every day (many times) or 2. Load certificate correctly.
I have a TMous HD2 running Energy ROM (Feb 2011 version)
Connects fine to home WiFi's without prompts. Also to about 10 others when traveling - no probs.
It does not connect easily to my work WiFi. I have worked out a method, but I need to re-enter settings and password many times a day. With high security p/w with various characters etc it's a real pain.
To do so, I have setup link to WLANSettings.exe on home screen. I use these settings: 1. Work (not internet), 2. WPA2/AES, 3. PEAP (not Smart card or cert). OK. Then asks for login, password (no domain needed). First time enter login etc it doesn't connect. Second time I've learned to hit OK again and after a few seconds it connects.
If I go though the 'normal' WiFi setup it asks for a Certificate. I enter the server for the cert, password as above and it will not find it. They gave me a cert file ('home grown' PEAP Authority certificate Thawte Premium Server CA) but it loads into Intermediate, not Personal and does not work. Apparently iPhone & iPad link to cert server and install it fine.
Tried:
1. I tried Odyssey (Odyssey Access Client for Windows MobileCE - Juniper Networks ). Helps, but not perfect, but it messes up my home connection. so uninstalled (updated ROM since then)
2. Tried programs to load cert. No go. (p12imprt, pfximprt; smartphoneaddcert). Various error messages - can't remember them - along the lines of not signed, not .pfx cert etc.
3. Exported cert. from PC's (WinXP) Firefox. Can't convert it to a .pfx to use the above.
Work does not support Win Mobile. So no support offered - though they've tried to help.
The settings for my mates Nokia which does work are:
PEAP and the fields are:
Personal certificate: not defined
Authority certificate: Thawte Premium Server CA User name in use: user defined User name: 'must leave blank'
Realm in use: user defined
Realm: 'must leave blank'
Allow PEAPv0: Yes
Allow PEAPv1: Yes
Allow PEAPv2: No
Under MSCHAPv2 within PEAP settings are
User name : your 'username'
Prompt password: no
Password: your 'password'
Have tried following also (rough notes):
HKEY_LOCAL_MACHINE\Comm\EAP\Extension\25.
"InvokePasswordDialog" and "InvokeUserNameDialog" value 1, switch to 0. Works till restart.
go to commMan/ menu/ settings set work & proxy or commMan/Conns/conns
changed to HKLM, gone to directory comm\EAP\extension\25. added a folder called validateservercert and added a key to this folder - DWORD. it asks me to edit the DWORD value - in value data i have added 00000000 and selected hexadecimal.
add the key [HKEY_LOCAL_MACHINE\Comm\EAP\Extension\25] and [HKEY_LOCAL_MACHINE\Comm\EAP\Extension\26]
Mmm... 'tis a difficult one.
>"Ideal solution either: 1. Able to store/save settings and password so it does not
>need to be entered every day (many times) or 2. Load certificate correctly."
Another alternative would be software to manage WiFi login - that saves passwords.
I tried Odyssey, but it messed up home connections. WiFi Monster does not do it.
Anything out there?
Mark
Found this guide here. . Thought I should share as it might help someone here. Thank the original writer.
Please read the whole guide once before trying. This will help in making the process easy as most of the parts are covered in detail.
1. Introduction:
You got a file in Windows PC and you intend to transfer it to your Android device. The most common way is that we connect the device to system via USB cable. However there are alternatives such as the Bluetooth or Wi-Fi. Bluetooth is a very slow method when compared to USB and Wi-Fi. So let us take Wi-Fi as the medium. Now let me first tell you various advantages and disadvantages regarding USB when compared with WI-Fi:
Disadvantages of USB v/s Wi-Fi
1. The phone should be near to the system = you being near the system too ---- This is avoided. All you need that the PC and device to be connected to the Wi-FI network
2. Cluttering of wires ---- Avoided
3. Drivers may have to be installed ---- No drivers needs to be installed
4. In a whole way, its not very productive ---- Oh very productive
Advantages - the only one is that files transfer speed is high ---- Yes. USB has a upper hand here. Wi-Fi transfer speed is low when compared. But the difference is just a few minutes. We can live with that
So excited to start using the Wi-Fi method? Then make sure you meet the requirements.
2. Requirements:
1. Wi-Fi router - PC should be connected to this either through LAN/ Wi-Fi
2. Install ES File Explorer in your Android device (you can try other file explorers like FX File Explorer, Solid Explorer, Astro File manager). The methodology for other apps are quite similar. I will take ES File Explorer as example as I have found it to be simple and fast.
3. Windows PC with 2000/XP/Vista/7/8 (I have not tested in Windows 8 personally)
4. Administrative access for Windows PC
3. Steps:
Step 1. Install ES File Explorer
Step 2. Find IP Address, make static IP and find system name [optional]
i. Find your IP address - to do this follow the steps as below:
a. Start -> Run (or press Windows key + R)
b. Type "ncpa.cpl" (without quotes) and press enter
c. You will see the Network Connections now
d. Identify the one which is connected to the Wi-Fi router. It will be either the LAN adapter or Wireless adapter. In my case it is the Wireless adapter.
e. Double click on the connection
f. Click on details and here note down the IPv4 Address. Also make not of IPv4 Subnet Mask, Default Gateway and DNS Server.
View attachment 1343982
ii. If you are going by IP address method then it is better yet to make the IP address as static [thank you kjplasma for the tip].
An static IP address means that your system will be having the same IP address all the time and will not be changed anytime later by the router. To set static IP address:
a. Go to Network Connections
b. Double click on the connection
c. Click on properties
d. Double click on - Internet Protocol Version 4 (TCP/IPv4) and fill up the IP address as you have noted them down above.
e. Click on OK for all dialogue boxes.
View attachment 1343983
iii. You can even make note of the system name by checking the properties of “My Computer”. To do this:
a. Go to Start - Right click on My Computer [Shortcut -> Windows + Pause/Break]
b. You can find the computer name under "Computer name, domain, and workgroup settings"
View attachment 1343984
If your going by this method then it is not necessary to note down or change the IP address. However I feel that tracking your system through IP address in ES File Explorer is much more efficient and fool proof. Either the system name or IP address its okay.
Step 3.a. Windows 2000 PC
i. Open ES File Explorer in your device
ii. On top right corner tap on "Local" - select LAN
iii. Tap on "New"
iv. Here you can either scan for your system or Click on Server
v. Here in server field type the IP address (that is IPv4 Address) or the system name
vi. Type in the Username and Password which you use to access your Windows PC
vii. Give a name under "Display as" for easy identification
viii. Tap on OK.
ix. Now you will see an laptop with globe icon. Tap on it and you will see all your files/folder of the system there.
Step 3.b. Windows XP PC:
i. Firstly you will need to enable Guest account by going to Control Panel – User Accounts – Guest Account – Click on "Turn on Guest account". This is because there is no other way I found to access the files in Windows XP in Android device with actual user name and password.
ii. Share the drives or folder you want to access [Refer the Reference Note 1 below to know how to share a folder]
iii. Open ES File Explorer in your device
iv. On top right corner tap on "Local" - select LAN
v. Tap on "New"
vi. Here you can either scan for your system or Click on Server
vii. Here in server field type the IP address (that is IPv4 Address) or the system name
viii. Type in the Username and Password which you use to access your Windows PC
ix. Give a name under "Display as" for easy identification
x. Tap on OK.
xi. Now you will see an laptop with globe icon. Tap on it and you will see all your shared files/folder of the system there.
Step 3.c. Windows Vista/7/8 PC:
i. Share the drives or folder you want to access [Refer the Reference Note 1 below to know how to share a folder]
ii. Open ES File Explorer in your device
iii. On top right corner tap on "Local" - select LAN
iv. Tap on "New"
v. Here you can either scan for your system or Click on Server
vi. Here in server field type the IP address (that is IPv4 Address) or the system name
vii. Type in the Username and Password which you use to access your Windows PC
viii. Give a name under "Display as" for easy identification
ix. Tap on OK.
x. Now you will see an laptop with globe icon. Tap on it and you will see all your shared files/folder of the system there.
Note: If you are using blank password for logging into windows then follow the steps below:
a. Run - gpedit.msc to access Group Policies
b. Navigate to Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options
c. Find -> Account: Limit local account use of blank passwords to console logon only
d. Double click on it and select "disable"
View attachment 1343985
Uploaded with ImageShack.us
4. Reference Note 1 - How to share folders:
On Windows XP:
a. Right click on the folder you want to share
b. Go to the sharing tab
c. Click the "If you understand the risk but still want to share the folder, click here"
d. Under "Network Sharing and Security" tick on "Share this folder on the network" and also on "Allow network users to change my files"
e. Click OK
View attachment 1343986
On Windows Vista/7/8:
a. Right click on the folder you want to share
b. Go to the sharing tab
c. Click on "Advanced Sharing"
d. In the next dialog box tick on "Share the folder"
e. Click on "Permissions" and tick on all the checkboxes under allow.
View attachment 1344010
5. Troubleshooting:
1 - The "Login Error"
View attachment 1344070
You might get a login error at times. It happens highly when you use the computer name instead of the IP address and sometimes the error pops up even when using the IP address. You can try the below troubleshooting steps:
a. Delete the connection entry
b. Make a new entry and use the IP address this time
c. If the problem still persists, then try opening it 5-6 times repeatedly by ignoring the error.
d. If the problem still persist, then delete the connection, exit ES File Explorer completely and create a new connection again by using the IP address. This time it should work.
I feel this is a bug in the app. Hope it will be fixed in future.
Note - I was using ES File Explorer before FX File Explorer came to play store. Later after trying FX File Explorer, it had not given any error at all and hence its much more reliable. But for that you will have to pay as the app is out of beta.
2 - Wrong Username/Password even when entering the correct one
This usually happens if you put the system name instead of the IP address in the app. What you can do delete the entry and then close the app and reopen it and try a new connection with the IP address itself as this will solve the issue.
6. Useful tips:
1: You can increase the transfer speed by moving near to the router. The closer you are to the router the higher speed you gain.
2: You can even make shortcut of the folder in the network and place them on the home screen of the app. Do to that on ES File Explorer simply long press on the folder and choose "Add to server list".
7. Other Notes:
1: Please note that no internet connection is required to make this possible. Everything is done through the local network. Take out the idea from your mind that Wi-Fi is only for internet.
2: There are various other apps like KiesAir, AirDroid. But that will require you to be near the PC and access the files through a WebUI. But the guide which I have laid out here works from PC to device directly. You can sit at your living room, kitchen or bedroom or where you like within the Wi-Fi network and you are good to go.
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Hope you find this guide useful. Please leave feedback and do post here for queries. Thanks!
Nice guide. Looks a lot like the one here.
Do you know Harsha Raj? Might want to give him some credit.
ramjet73
Thanks, but........
Isn't it a lot easier to use gmote ? , also it comes with more features , like control of pc aswell as media streaming between pc, smart phones, smart TV's and game consoles, to name a few ,
ramjet73 said:
Nice guide. Looks a lot like the one here.
Do you know Harsha Raj? Might want to give him some credit.
ramjet73
Click to expand...
Click to collapse
Yes, was about to do the same but was busy with other thread that I found in SGS2 section
My rooted Samsung Galaxy SCL couldn't connect to a WEP wifi network.
After analyzing traffic I found it was using SKA authentication instead of Open Authentication.
The line it uses in wpa_supplicant.conf is:
auth_alg=OPEN SHARED
If I change it to this it works:
auth_alg=OPEN
- 1. Is this normal? According to some manual "OPEN SHARED" should try both methods, but it looks it was only trying the later.
- 2. Shouldn't the interface ask me whether i want Open or Shared?
- 3. I know I shouldn't be using wep.
(Asuming all drivers are installed and you have a hotspot plan or you are able to use hotspot with no problems)
Android 2.3.6
4.5.141.MB860.Att.en.US
Phone connected to usb and USB tether turned on, computer not connected to internet
Windows is connected to "Unidenfied Network" and there's no internet access. You must set manually ip.
open command promp and execute "adb shell ifconfig" (or android terminal on phone and execute ifconfig)
Find interface "usb1"
[*]Find "inet addr" and write somewhere the value (mine is 192.168.42.129)[*]Find "Mask" and write somewhere the value (mine is 255.255.255.0)
Click on network icon, Open Network and Sharing Center.
At the left, click "Change adapter settings"
Right click on the atrix network adapter (find a network adapter with the text "remote NDIS adapter..."; select "Properties"
Click on "Internet Protocol Version 4"
Click in "Properties" button
Click on "Alternate Configuration"
Click on "User Configured"
IP Address: Pick an ip address. Same value as phone except for last number (if phone ip is 192.168.42.129 you could pick 192.168.42.130 for example)
Subnet mask: Same as Phone (mine is 255.255.255.0)
Default Gateway: same ip addres as phone
Prefered DNS Server: 208.67.222.222
Alternate DNS Server: 208.67.220.220
You can also use Prefered DNS Server: 8.8.8.8 and leave alternate in blank
Click ok and save/apply changes
Wait a while and windows will connect to phone and internet will work
------------------
Also if mobile hotspot not working change current apn settings and delete "apn type".