Recent Changes - Search:

Help Topics

User Accounts

Additional Help

Staff Docs

  • (Private)

edit SideBar

Wireless

Wireless Network Access

You will NOT need to fill out a network activation form as you have to for wired network access. The access is based on authentication and not registration.

This page discusses how to setup your computer to access the ECE/CIS wireless network. We use Radius to authenticate users on the network. Unlike most wireless authentication schemes, you will use your ECE/CIS username and password to authenticate, rather than a hexadecimal or ascii key.

Installation

In order to get access to the wireless network of the department, you need to install and configure some features on your computer.

Installation requires certificate files and 3rd party software to be installed on your computer.

Summary

The following will need to be completed for your operating system. Select your operating system below for specific instructions.

  1. Download and install a certificate that will allow you to recognize the department servers (This can be automatic for some OS).
  2. Download and install an EAP/TTLS client. This is required for using the certificate and to authenticate you as a user. That is, you will be able to use your unix username and password to login to the network. EAP/TTLS is a strong security protocol to simplify the management of a wireless network and avoid more of those "registration forms".
  3. Setup the EAP/TTLS and wireless network on your computer.

Select your operating system for specific instructions:

The automatic installer has shown to very unreliable thus the manual configuration is recommended. Also, since you will need the latest SecureW2 software version for Windows 7 you have to work with the manual procedure.

If you already know about this type of security, the information you might need is:

SSID: acad
Outer Authentication User: anonymous
Outer Authentication Password: none (i.e. empty).

Inner Authentication User: your Unix account
Inner Authentication Password: your Unix account password
Inner Authentication Domain: none (i.e. empty).

If you are visiting and you need temporary access you may need to ask for a visitor account. You can do this using the Help Request System.


Frequently Asked Questions (FAQ)

If you're having problems, one of your questions may be answered below. If you're still having problems, submit a help request using the Help Request System.

Fundamentals of EAP/TTLS

What is EAP/TTLS? Why Should I use it?

EAP/TTLS is an authentication scheme, that allows you to authenticate your information in the network based on a username and password.

When you are connected to an open wireless router, some people can "listen" to the packets transmitted through the network, and pick important information out of it. Some routers provide security features like WEP keys or WPA. A WEP key is a code that the router uses to encrypt your information, therefore your information is not traveling unprotected. A WEP algorithm, encrypts your data changing the keys, but using the same original "seed" which is the WEP key. Consequently, this security can be broken.

Security practices would require to change your keys periodically. Thus, everyone has to receive the key, and at the moment of changing it, you'll have to modify your computer configuration to gain access to the network again. This might be problematic from the administrative point of view.

The solution comes with the EAP/TTLS. This protocol uses a random generated key based on an outer identity, this key is used to establish a connection with an authentication server. The authentication server sends an encrypted challenge, used to submit an inner authentication (in this case your unix username and password pair). From there, the wireless router can change encryption keys randomly since the network already know who you really are.

A certificate is used to confirm the identity of the authentication server, thus you install a certificate that matches a pair certificate in the server, to make sure you are not sending your login information to another server.

UD network works differently, why?

The UD network (Network ID: UDel) uses MAC address authentication. In this case, the equipment is tied to you. You are responsible for that equipment and anything that happens with it. Registering your network adapters of your computers for use, might not be a problem. However, if you change your computer, or you quickly want to use one from a friend, you need to register that computer. Which is not a problem, but MAC addresses can be spoofed. In this way, someone can do something on your behalf without being noticed.

Requirements

How do I know if my unix account is an academic or a research account?

Try to log in to a research server like stimpy.ee.udel.edu. If you are not allowed it means you have an academic account. However, if you have a research account, you also have an academic account, and that means you are able to log in to any network.

Does my old computer work in this network? What about my new PDA?

As long as you have a wireless network adapter compatible with 802.11b or 802.11g, it should work fine. However, systems based on Windows ME, 98, 95, and 3.x haven’t been tried for this network and most likely need an authentication client to gain access to the network. PDAs need an authentication client as well. If they have a Wi-Fi (802.11b/g) adapter, they should work. However, the EAP/TTLS client (supplicant) might not be available for some of them.

What kind of network adapter should I buy?

The most popular wireless protocols are 802.11b and 802.11g. Both of these should work fine.

My computer has an 802.11a adapter, can I log in to the wireless network?

No, the 802.11a has a different frequency of operation and requires the corresponding infrastructure. Although some of the ECE/CIS routers support this technology, higher frequencies used by 802.11a are attenuated easier than those of 802.11b or g. Therefore, the range of operation and received signal strength are not high enough for good coverage.

I have a Bluetooth or infrared adapter; can I get into the wireless network using it?

No, although the Bluetooth and infrared ports are wireless technologies. Neither of them work under the standard used by the department network.

Configuration

Can I use another client to get connected to the network?

Any client supporting EAP/TTLS is able to authenticate in the network. The clients provided here are free and public, if you don’t feel comfortable using it you can get any other of your preference.

Sometimes my computer refuses to connect, and the network is not shown as an available network.

The acad network does not broadcast its SSID, which means your computer does not detect it as easy and show it regularly on the list of available networks. However, for windows XP, a patch to allow your computer to connect to a non-broadcast SSID network was recently released. The patch can be downloaded from Microsoft's web page

Connectivity

I just changed my password and it is not working for the wireless network.

The system updates the password list periodically. If you change your password today, try using your old password until the system reads and updates the password database.

My windows system says limited or not connectivity.

This means that your system did not get a valid IP Address. Try repairing the connection or check that your IP address is not manually set but allows DHCP. Also try opening a command window (start -> run -> cmd) and type:
C:\>ipconfig /release
C:\>ipconfig /renew
to force your computer to get an IP.

My computer is taking too long to get connected to the network.

Although the authentication is a process that can take some seconds, the signal strength has an important part in the process. If you don’t have good signal, try to get closer to the antennas of the Access Point on your floor. It is also expected that many people trying to connect to the service at the same time, increases the requests to the server, increasing in this way the waiting time. Do not disable and enable the wireless adapter many times. This will send you to the last place in the queue. Your waiting time due to your old requests will be increased.

Can I get connected to any wireless access point in the university network?

Currently you are able to get connected to the wireless network infrastructure deployed by the ECE and CIS departments. There are routers located at Evans Hall, Smith Hall (1st floor Seminar room, 2nd floor east labs (above 1st floor seminar room) and 4th floor), Dupont Hall (1st and 3rd floors) and 77 E. Delaware Ave. (Green House).

Edit - History - Print - Recent Changes - Search
Page last modified on December 09, 2011, at 02:17 PM