What do you mean "Run of the Mill" Mine has blinking lights and an antenna. :-) -----Original Message----- From: plug-discuss-bounces@lists.plug.phoenix.az.us [mailto:plug-discuss-bounces@lists.plug.phoenix.az.us] On Behalf Of Michael Butash Sent: Saturday, June 13, 2009 5:43 PM To: Main PLUG discussion list Subject: RE: my router hates me Bob is right, you don't need a radius server to run WPA/WPA2. Most of your generic run o' the mill routers do PSK, preshare keys as other members have stated. This is fine for most any consumer. This is documented typically as WPA[2]-PSK. If you have you ask what radius is, you don't need it. Try and go with WPA2-PSK (with aes specifically) where possible, so long as your nic supports it. I love ubuntu, but their wireless capability tends to be crap before 8.10. You also tend to have issues with the kind of adapter, hardware crypto methods are dependent on the hardware supporting it. Older and/or cheap wifi nics tend to have a lot of particular driver issues, especially usb ones. I have an old ppc imac running ubuntu810 that can't do over wep because of its ancient aircard, despite the supplicant (wicd,networkmanager) supporting it, but offers no errors to tell you this. You just beat your head against a wall for half a day until you realize your own futility. Moral of the story, make sure yours does. Prior to ubuntu810, i simply used scripts launching wpa_supplicant for most non-PSK authentication methods (leap,peap), and typically even sometimes psk because networkmanager was really quite wack prior. The newest networkmanager under 8.10 is mostly pretty solid, finally giving me windoze-like guiness for simplifying my wireless even in enterprise networks. I can help with calling wpa_supplicant direct if you _have_ to, but if you don't like or are used to using a command-line, it's not much of an option. So I ask these: 1) What kind of nic are you using? Use commands like "lsusb" or "lsmod | grep mac" tend to be helpful. Even the sticker on the box sometimes. I can probably tell you if it's a pos, or should work, as research will as well. Doing enterprise wireless, ive had to try just about every method on a ton of different wifi nic over the years to know what works and what doesn't. 2) I saw prior you getting a 68.x.x.x address on your workstation - you have your router connected incorrectly if so. Only your "outside" or "wan" ports should have anything not 192.168.0.0/16 or 10.0.0.0/8 addresses. You should connect up your cable modem to the wan, and your hosts on the other ports. Most generic routers will hand you a 192.168.1.x/24 address, yours should as well on the lan or wireless. 3) I don't use wicd, but the results will be the same regardless. When you try to connect, on the command line type "iwconfig wlan0" and note the result. You should see most notably the ESSID as your SSID: wlan0 IEEE 802.11abgn ESSID:"your_essid" If it does not, wicd isn't talking correctly to your nic. 4) Does yours specifically say WPA2 or WPA, also if mentions tkip or aes? These are quite relevant, and again, some nics doesn't support combinations thereof. I highly recommend moving to ubuntu 8.10 (or higher) and using native network manager over wicd. I think so long as your nic isn't wack/old, you'll find it just works now. If not for upgrading, look at getting a backport of networkmanger 7.0 from hardy-backports and try it (google it). Also consider getting another nic, I try to use intel's exclusively, as they ultimately have better/best support for various encryption and authentication standards, especially for enterprise. Intel contributes source code as well, unlike broadcom or other random chinese chipsets of the week. -mb On Sat, 2009-06-13 at 15:43 -0700, Bob Elzer wrote: > I have a D-Link DI624, I am running WPA2 with AES and PSK. > > And I don't have a radius server. > > It works fine. > > > > -----Original Message----- > From: plug-discuss-bounces@lists.plug.phoenix.az.us > [mailto:plug-discuss-bounces@lists.plug.phoenix.az.us] On Behalf Of > Craig White > Sent: Saturday, June 13, 2009 1:29 PM > To: Main PLUG discussion list > Subject: Re: my router hates me > > On Sat, 2009-06-13 at 13:14 -0700, Robert Holtzman wrote: > > On Fri, 12 Jun 2009, kitepilot@kitepilot.com wrote: > > > > > BTW... > > > You seem to have the router configured for WPA. > > > WPA won't work without some serious tinkering and some other > > > resources, like servers and all sort of ugly stuff. > > > That may be the source of your problem. > > > Turn it off. > > > > I haven't seen this mentioned in all the not inconsiderable reading > > I've done. The only reference I've seen to having to run a server is > > in connection with WPA/WPA2 and the AES algorithm where there has to > > be a RADIUS server involved. I'm running WPA with the TKIP algorithm. > > > > If I'm wrong could you clarify or point me to a source? I ran across > > this at http://technet.microsoft.com/en-us/library/bb877996.aspx > > > > "For environments without a RADIUS infrastructure, WPA supports the > > use of a preshared key. For environments with a RADIUS > > infrastructure, WPA supports EAP and RADIUS." > > > > Forgive the source (M$). > > > > As I mentioned in a previous post, the connection fails with or > > without encryption enabled. > > > > Thanks for your continued patience. Between you and the other list > > members who have responded I know a bit more about networking than > > when I started. > ---- > There are many forms of WPA but I think you are referring to WPA-PSK > which is a 'pre-shared key' system. You put the pre-shared key into > the 'access point/router' and also provide the same pre-shared key to > whatever computer is trying to connect. WPA-PSK infers both an > encryption method and an authentication method. > > WPA (TKIP) or WPA2 (AES) are encryption methods and both would use a > separate backend radius server for authentication. > > Craig > > > -- > This message has been scanned for viruses and dangerous content by > MailScanner, and is believed to be clean. > > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss