| Table of Contents |
|---|
Testing your eduroam setup (especially when you are new) can be daunting. The developers of the wpa_supplicant software on Linux provide a handy tool called eapol_test that will test an EAP authentication flow like a client with a lot of debug information.
eapol_test is traditionally only available on Linux. Instructions to build it for Linux and for 64-bit Windows (Windows 7 and later) are below.
If you do not want to build eapol_test for Windows yourself, you can download a digitally signed copy at Github: https://github.com/janetuk/eapol_test
Linux
Build on Linux
Preparatory work
...
| Code Block | ||
|---|---|---|
| ||
sudo apt-get install libssl-dev |
NOTE: The following packages may also be required: libdbus-1-dev, libnl-3-dev, libnl-route-3-dev and libnl-genl-3-dev, as well as configuration changes in dbus/dbus_new.c (Ubuntu 20).
Building eapol_test
Download wpa_supplicant's source at https://w1.fi/releases/wpa_supplicant-2.9.tar.gz
Unpack the wpa_supplicant distribution, change into the wpa_supplicant/ subdirectory and create the default config file by executing
...
Copy this to a Windows box. Run it without parameters in a command-line window (this is not a GUI application). It should display command-line parameters.
...
Run it without parameters in a command-line window (this is not a GUI application). It should display command-line parameters.
...
| Code Block | ||
|---|---|---|
| ||
network={
phase1="tls_disable_tlsv1_0=1 tls_disable_tlsv1_1=1 tls_disable_tlsv1_2=0 tls_disable_tlsv1_3=1 peapver=0"
key_mgmt=WPA-EAP
eap=PEAP
identity="<username@realm>"
anonymous_identity="@realm"
password="<userpassword>"
phase2="eapauth=MSCHAPV2 mschapv2_retry=0"
# ca_cert="<full path of the CA root certificate>"
# subject_match="<subject CN>"
# altsubject_match="<DNS: entry from subjectAltName>"
# domain_match="<subject CN>"
} |
To use server certificate validation, uncomment the ca_cert line.
...