Connect to WPI Wireless Using a Raspberry Pi

How to connect your Raspberry Pi to the WPI Wireless network.

Requirements

The Raspberry Pi must be operating properly to configure wireless. If the following issues are present, do not proceed with configuration:

  1. Power: If a rainbow-colored cube appears in the corner of your screen, the power supply is incorrect.
  2. Temperature: If a red cube appears, the power supply is overheated.

Instructions - Manual Configuration

  1. Make sure your computer's clock is set to the correct local date and time.
  2. Find your Raspberry Pi's wireless MAC address.
  3. Make sure your Raspberry Pi's wireless MAC address is registered through WPI Network Registration.
  4. Using a Mac or PC that is already on the Internet, download your certificates using the Connecting a Device which is Unsupported by CloudPath to the Wireless Network instructions.
  5. Copy the two certificate files to a convenient location for storing certificates, such as /etc/pki/tls/certs. If that folder does not exist, create /etc/pki/tls/certs. Name the files as follows:
    • Rename CA-{Random Hex Number}.pem to CA-netops.pem
    • Rename certificate.p12 to WPI-Wireless-TEMP.p12
  6. Convert the P12 file to PEM to protect the security of your WPI credentials! NOTE: The file wpa_supplicant.conf may be in either of these locations:
    • /etc/wpa_supplicant.conf
    • /etc/wpa_supplicant/wpa_supplicant.conf
    • Option #1: Make the configuration and your wireless user certificate files only readable by root:
    •      pi@raspberrypi:~$ sudo chown root:root /etc/wpa_supplicant.conf /etc/pki/tls/certs/WPI-Wireless*.pem
            pi@raspberrypi:~$ sudo chmod 600 /etc/wpa_supplicant.conf /etc/pki/tls/certs/WPI-Wireless*.pem
    • Option #2: Change the passphrase so that it does not use your WPI credentials:
    •      pi@raspberrypi:~$ cd /etc/pki/tls/certs
            pi@raspberrypi:~$ sudo openssl pkcs12 -in WPI-Wireless-TEMP.p12 -out temp.pem -passout pass:TEMPPASSWORD
            pi@raspberrypi:~$ sudo openssl pkcs12 -export -in temp.pem -out WPI-Wireless-YYYY-MM-DD.p12 -passin pass:TEMPPASSWORD
            pi@raspberrypi:~$ sudo rm -rf WPI- Wireless-TEMP.p12
            pi@raspberrypi:~$ sudo rm -rf temp.pem
  7. Edit the file /etc/wpa_supplicant.conf as follows, filling in the proper paths and filenames to the downloaded certificate files and entering either your WPI password if you used Option #1 above or your new password if you used Option #2 above.
  8. network={
                ssid="WPI-Wireless"
                key_mgmt=WPA-EAP
                proto=WPA2
                pairwise=CCMP
                group=CCMP
                eap=TLS
                identity="YOUR_WPI_EMAIL_ADDRESS"
                ca_cert="/etc/pki/tls/certs/CA-netops.pem"
                private_key="/etc/pki/tls/certs/WPI-wireless-YYYY-MM-DD.p12"
                private_key_passwd="YOUR_PASSWORD"
        }

    NOTE: Some instances of Raspberry Pi might require this field: client_cert="/etc/pki/tls/certs/WPI-wireless-YYYY-MM-DD.p12"

  9. Start wpa_supplicant with the configuration file and wireless network interface name in debug mode.
  10. wpa_supplicant -c /etc/wpa_supplicant.conf -i ath0 -D nl80211

    NOTE: Some instances of Raspberry Pi may need madwifi instead.

    The output from wpa_supplicant should look something like this:

       l2_packet_receive - recv: Network is down
        Trying to associate with 00:0b:0e:0f:87:41 (SSID='WPI-Wireless' freq=5180 MHz)
        Associated with 00:0b:0e:0f:87:41
        WPA: Key negotiation completed with 00:0b:0e:0f:87:41
  11. Start your DHCP client on the wireless network interface, e.g.:
  12. /sbin/dhclient ath0
  13. Assuming everything looks good from wpa_supplicant, reboot the Raspberry PI. When the device comes back up you should be connected to the WPI-Wireless network.
WPI Info
What is your Affiliation with WPI?

Include details such as which device(s), your location (on or off campus), how long the issue has been ocurring.