Skip to content

Instantly share code, notes, and snippets.

@gbausch

gbausch/rpi-eduroam.md

Last active October 9, 2021 10:37
Show Gist options
  • Save gbausch/7e589d2f2ac4d89996966728e781b00c to your computer and use it in GitHub Desktop.
Save gbausch/7e589d2f2ac4d89996966728e781b00c to your computer and use it in GitHub Desktop.
Download ZIP
RaspberryPi mit eduroam verbinden
Raw
rpi-eduroam.md

Download des notwendigen Zertifikats

Download des Zertifikates nach /home/pi/:

wget https://itsz.htwk-leipzig.de/fileadmin/portal/m_itsz/Zertificate_CA/T-TeleSec_GlobalRoot_Class_2.crt

Konfiguration

In /etc/wpa_supplicant/wpa_supplicant.conf einfügen:

ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
country=DE

ap_scan=1

network={
  ssid="eduroam"
  proto=RSN
  key_mgmt=WPA-EAP
  eap=PEAP
  identity="[email protected]"
  anonymous_identity="[email protected]"
  password="PASSWORD"
  ca_cert="/home/pi/T-TeleSec_GlobalRoot_Class_2.crt"
  phase1="peaplabel=0"
  phase2="auth=MSCHAPV2"
}

Test der Konfiguration

# wlan1 => externer WLAN-USB-Stick
# wlan0 => internes WLAN-Interface

sudo wpa_supplicant -i wlan1 -c /etc/wpa_supplicant/wpa_supplicant.conf

Automatische Verbindung mit eduroam

In /etc/network/interfaces einfügen:

allow-hotplug wlan1
iface wlan1 inet dhcp
wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf

Routing von wlan1 (eduroam) zu wlan1 (AP)

In rc.local einfügen:

iptables -t nat -A POSTROUTING -o wlan1 -j MASQUERADE
iptables -A FORWARD -i wlan0 -o wlan1 -m state --state RELATED,ESTABLISHED -j ACCEPT
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment