forked from jshiffer/site
Add UCLA Networking guide
This commit is contained in:
parent
e6a7545e2d
commit
670e648259
@ -1,21 +0,0 @@
|
|||||||
---
|
|
||||||
title: Eduroam WiFi Guide
|
|
||||||
---
|
|
||||||
|
|
||||||
Connecting to the eduroam WiFi network (on the UCLA campus) is easy with Linux.
|
|
||||||
eduroam is available almost everywhere on campus, so this is probably the most
|
|
||||||
convenient WiFi network.
|
|
||||||
|
|
||||||
## Using NetworkManager
|
|
||||||
|
|
||||||
Connect to the *eduroam* network using the following Wireless Security settings:
|
|
||||||
|
|
||||||
| Security | WPA & WPA2 Enterprise |
|
|
||||||
| -------------------- | --------------------- |
|
|
||||||
| Authentication | Protected EAP (PEAP) |
|
|
||||||
| PEAP version | Automatic |
|
|
||||||
| Inner authentication | MSCHAPv2 |
|
|
||||||
| Username | your UCLA username |
|
|
||||||
| Password | your UCLA password |
|
|
||||||
|
|
||||||
For other networks (like UCLA_SECURE_RES), going to the following website: http://nmcheck.gnome.org/ should bring up the "Accept terms and conditions" page.
|
|
66
content/wiki/ucla-network.md
Normal file
66
content/wiki/ucla-network.md
Normal file
@ -0,0 +1,66 @@
|
|||||||
|
---
|
||||||
|
title: UCLA Network Guide
|
||||||
|
date: 2024-04-03
|
||||||
|
author: Mustafa
|
||||||
|
---
|
||||||
|
|
||||||
|
Eduroam is an international roaming service for students, based on WPA2
|
||||||
|
Enterprise. Along with UCLA_WEB, it is a highly available network on campus.
|
||||||
|
|
||||||
|
## Connecting to eduroam
|
||||||
|
[NetworkManager](https://wiki.archlinux.org/title/Networkmanager) fully supports
|
||||||
|
WPA2. The simplest way to connect is to use a graphical frontend for
|
||||||
|
NetworkManager. A minimalist option is to install `nm-applet` and
|
||||||
|
`nm-connection-editor` , then fill in the following settings:
|
||||||
|
|
||||||
|
| Setting | Value |
|
||||||
|
| -------------------- | --------------------- |
|
||||||
|
| Security | WPA & WPA2 Enterprise |
|
||||||
|
| Authentication | Protected EAP (PEAP) |
|
||||||
|
| PEAP version | Automatic |
|
||||||
|
| Inner authentication | MSCHAPv2 |
|
||||||
|
| Username | *USERNAME*@ucla.edu |
|
||||||
|
| Password | your UCLA password |
|
||||||
|
|
||||||
|
Note that setting "Do not require CA certificate" can be a security risk. If
|
||||||
|
an attacker is impersonating UCLA eduroam, then he can steal your UCLA
|
||||||
|
credentials. For added security, follow the guide on [UCLA KB](https://ucla.service-now.com/support?id=kb_article&sys_id=KB0010959), and manually check the certificate:
|
||||||
|
|
||||||
|
```
|
||||||
|
Certificate Serial Number: 00 9F 1E 08 E5 C2 D9 F5 1D FC 52 66 9C 40 48 5D 90
|
||||||
|
SHA-256 Fingerprint of the Key: D8 62 DB 03 27 45 D1 AC 2E 36 0F 47 CA 9F 98 87 8F 30 6D A1 A5 31 AD 16 67 01 87 99 45 0D A0 D4
|
||||||
|
SHA1 Fingerprint of the Key: A3 11 21 86 DB 31 24 B2 56 0D 8F FB 86 47 C9 0A 8F 36 5D 78
|
||||||
|
```
|
||||||
|
|
||||||
|
For more information, see [UCLA IT page](https://it.ucla.edu/support-training/tutorials/connecting-campus-wireless-network),
|
||||||
|
and for a more advanced setup, see the [Arch Wiki](https://wiki.archlinux.org/title/Network_configuration/Wireless#eduroam).
|
||||||
|
|
||||||
|
For other networks (like UCLA_SECURE_RES), going to the following website:
|
||||||
|
http://nmcheck.gnome.org/ should bring up the "Accept terms and conditions"
|
||||||
|
page.
|
||||||
|
|
||||||
|
## Connecting to UCLA VPN
|
||||||
|
The UCLA VPN allows you to access campus resources as even when you are away from
|
||||||
|
campus. This is useful for downloading scientific journals, for example.
|
||||||
|
|
||||||
|
Open `nm-connection-editor` or a NetworkManager frontend from your desktop
|
||||||
|
environment, and add a Cisco AnyConnect VPN connection with the following
|
||||||
|
settings:
|
||||||
|
|
||||||
|
| Setting | Value |
|
||||||
|
| -------------------- | --------------------- |
|
||||||
|
| VPN Protocol | Cisco AnyConnect or OpenConnect|
|
||||||
|
| Gateway | ssl.vpn.ucla.edu |
|
||||||
|
| User Agent | AnyConnect Linux_64 4.10.07061 |
|
||||||
|
| CA certificate | None |
|
||||||
|
|
||||||
|
The same note about the security risk applies when you set CA certificate to
|
||||||
|
none. After adding the VPN entry, launch `nm-applet`, connect to the VPN, and
|
||||||
|
set the following
|
||||||
|
```
|
||||||
|
username: USERNAME
|
||||||
|
password: YOUR_PASSWORD/DUO_OTP
|
||||||
|
```
|
||||||
|
|
||||||
|
Note that you should append to your password after typing it a forward slash and
|
||||||
|
the two factor authentication code from your DUO OTP.
|
@ -1,14 +0,0 @@
|
|||||||
---
|
|
||||||
title: UCLA VPN Guide
|
|
||||||
---
|
|
||||||
|
|
||||||
The UCLA VPN allows you to access campus resources even when you are away from
|
|
||||||
campus. This is useful for downloading scientific journals, for example.
|
|
||||||
|
|
||||||
Connecting to the UCLA VPN is easy.
|
|
||||||
|
|
||||||
Open NetworkManager and add a Cisco AnyConnect VPN connection.
|
|
||||||
|
|
||||||
Set the gateway to **ssl.vpn.ucla.edu**. The username/password are the same as
|
|
||||||
your school login. Please note that you will need to have your phone ready to
|
|
||||||
do the two-factor authentication.
|
|
Loading…
Reference in New Issue
Block a user