diff --git a/content/wiki/eduroam.md b/content/wiki/eduroam.md deleted file mode 100644 index a694122..0000000 --- a/content/wiki/eduroam.md +++ /dev/null @@ -1,21 +0,0 @@ ---- -title: Eduroam WiFi Guide ---- - -Connecting to the eduroam WiFi network (on the UCLA campus) is easy with Linux. -eduroam is available almost everywhere on campus, so this is probably the most -convenient WiFi network. - -## Using NetworkManager - -Connect to the *eduroam* network using the following Wireless Security settings: - -| Security | WPA & WPA2 Enterprise | -| -------------------- | --------------------- | -| Authentication | Protected EAP (PEAP) | -| PEAP version | Automatic | -| Inner authentication | MSCHAPv2 | -| Username | your UCLA username | -| Password | your UCLA password | - -For other networks (like UCLA_SECURE_RES), going to the following website: http://nmcheck.gnome.org/ should bring up the "Accept terms and conditions" page. diff --git a/content/wiki/ucla-network.md b/content/wiki/ucla-network.md new file mode 100644 index 0000000..36ff201 --- /dev/null +++ b/content/wiki/ucla-network.md @@ -0,0 +1,66 @@ +--- +title: UCLA Network Guide +date: 2024-04-03 +author: Mustafa +--- + +Eduroam is an international roaming service for students, based on WPA2 +Enterprise. Along with UCLA_WEB, it is a highly available network on campus. + +## Connecting to eduroam +[NetworkManager](https://wiki.archlinux.org/title/Networkmanager) fully supports +WPA2. The simplest way to connect is to use a graphical frontend for +NetworkManager. A minimalist option is to install `nm-applet` and +`nm-connection-editor` , then fill in the following settings: + +| Setting | Value | +| -------------------- | --------------------- | +| Security | WPA & WPA2 Enterprise | +| Authentication | Protected EAP (PEAP) | +| PEAP version | Automatic | +| Inner authentication | MSCHAPv2 | +| Username | *USERNAME*@ucla.edu | +| Password | your UCLA password | + +Note that setting "Do not require CA certificate" can be a security risk. If +an attacker is impersonating UCLA eduroam, then he can steal your UCLA +credentials. For added security, follow the guide on [UCLA KB](https://ucla.service-now.com/support?id=kb_article&sys_id=KB0010959), and manually check the certificate: + +``` +Certificate Serial Number: 00 9F 1E 08 E5 C2 D9 F5 1D FC 52 66 9C 40 48 5D 90 +SHA-256 Fingerprint of the Key: D8 62 DB 03 27 45 D1 AC 2E 36 0F 47 CA 9F 98 87 8F 30 6D A1 A5 31 AD 16 67 01 87 99 45 0D A0 D4 +SHA1 Fingerprint of the Key: A3 11 21 86 DB 31 24 B2 56 0D 8F FB 86 47 C9 0A 8F 36 5D 78 +``` + +For more information, see [UCLA IT page](https://it.ucla.edu/support-training/tutorials/connecting-campus-wireless-network), +and for a more advanced setup, see the [Arch Wiki](https://wiki.archlinux.org/title/Network_configuration/Wireless#eduroam). + +For other networks (like UCLA_SECURE_RES), going to the following website: +http://nmcheck.gnome.org/ should bring up the "Accept terms and conditions" +page. + +## Connecting to UCLA VPN +The UCLA VPN allows you to access campus resources as even when you are away from +campus. This is useful for downloading scientific journals, for example. + +Open `nm-connection-editor` or a NetworkManager frontend from your desktop +environment, and add a Cisco AnyConnect VPN connection with the following +settings: + +| Setting | Value | +| -------------------- | --------------------- | +| VPN Protocol | Cisco AnyConnect or OpenConnect| +| Gateway | ssl.vpn.ucla.edu | +| User Agent | AnyConnect Linux_64 4.10.07061 | +| CA certificate | None | + +The same note about the security risk applies when you set CA certificate to +none. After adding the VPN entry, launch `nm-applet`, connect to the VPN, and +set the following +``` +username: USERNAME +password: YOUR_PASSWORD/DUO_OTP +``` + +Note that you should append to your password after typing it a forward slash and +the two factor authentication code from your DUO OTP. diff --git a/content/wiki/ucla-vpn.md b/content/wiki/ucla-vpn.md deleted file mode 100644 index 9f7f59f..0000000 --- a/content/wiki/ucla-vpn.md +++ /dev/null @@ -1,14 +0,0 @@ ---- -title: UCLA VPN Guide ---- - -The UCLA VPN allows you to access campus resources even when you are away from -campus. This is useful for downloading scientific journals, for example. - -Connecting to the UCLA VPN is easy. - -Open NetworkManager and add a Cisco AnyConnect VPN connection. - -Set the gateway to **ssl.vpn.ucla.edu**. The username/password are the same as -your school login. Please note that you will need to have your phone ready to -do the two-factor authentication.