Hi to all,
Does anybody know if there is a way (either via 3rd party soft or upgrade) to get WPA2 working?
Cheers,
Markus
Try to find "funk"
are u trying to do WPA2 with a radius server or to do 802.1x?
funk as mentioned in a post ahead has a PPC client , i think its called odyssey or something that can be placed in your ppc for the WPA2 authentication with its Funk SBR [ steel belted radius ].
However, that client only works if u are using Funk's SBR and not other type of radius
Related
Hi Everyone,
I recently purchased an XDAII and brought it to the states and am currently using it on AT&T's GSM/GPRS network. I can VPN into my corporate network and have validated a VPN Session on the server side...but for some odd reason I cannot hit my intranet site or any servers on my network. I think it is a setting I missed or configured incorrectly on my device. Anyone have any suggestions?
Any help would be greatly appreciated!
Thanks,
Richard
Richard, I'd be interested too, as it's exactly what I want to do. What VPN software are you using? I was planning on using the Secure Remote software, PDA version.
Can you get access to the firewall logs to see what is happening, any drop or messages, etc?
Securemote and Himalaya type phones
Guys, I have a similar problem and checkpoint doesn't currently himalayas!!!
Anybody has a solution?
Thanks
Moustapha
I know the problem
I know the problem(I think), it's the fact that using the default (built in) VPN client the XDAII doesn't pick up the subnet mask from the VPN, it generates it's own based on the class of IP address, setting nthe dhcp server to dish out class c addresses works on my set up - will keep you posted though!
got it working SecureClient 131/ NG FP3 SecureRemote / GPRS
Hi
I have installed the SecureClient for WM2003 Build 131 and the Firewall is a NG FP3 only with SecuRemote configured. First i needed to change the authenification schema on the firewall an enter a pre-shared secret. After that i was able to establish the vpn tunnel.
I tried putty and temrinal serrvice into the internal network and both was working . I just got a message that the secureclient was not able to download the client policy, but i just ignored that.
Hope this helps
Reto
Hi, has anyone successfully used l2tp on their JASJAR (using a certificate, not a shared secret)?. For some reason our certificate does not seem to work on the JASJAR, it works fine with Windows Mobile 2003 SE devices, but on Windows Mobile 5 the l2tp connection just fails directly (complaining about the username/password) without sending one bit of information to the VPN server. Any help is appreciated.
Kim
I FOUND THE REASON!
It´s the smart dialer. Deactivate it by removing the operator phone skin
* The setting is at 'HKEY_LOCAL_MACHINE\Security\Phone\Skin'
* The 'Enabled' value must be set to '0' to show the default skin
In case if you like your operator´s buttons more than the default, delete or rename the 'ext' value. Unfortunately the button for video calls is removed by these actions. But L2TP VPN will work instead.
If you guys want a good and secure remote desktop program try:
http://www.logmein.com
Change resolution to 640x480 and you have a full desktop pc on yout universe.
Believe me it's the best.
df2jh said:
I FOUND THE REASON!
It´s the smart dialer. Deactivate it by removing the operator phone skin
* The setting is at 'HKEY_LOCAL_MACHINE\Security\Phone\Skin'
* The 'Enabled' value must be set to '0' to show the default skin
In case if you like your operator´s buttons more than the default, delete or rename the 'ext' value. Unfortunately the button for video calls is removed by these actions. But L2TP VPN will work instead.
Click to expand...
Click to collapse
Yeah! I can verify this, though nowadays I'm using an HTC TyTN, but the same problem still exists. Note though that you don't have to remove the operator phone skin, just disable smart dialing from the phone:
Menu/Smart Dialing Options.../[ ] Enable Smart Dialing
Now the VPN works, but it still might randomly fail IF you have your mailbox open The VPN will work again if you close the Inbox application, so no reboot is needed anymore. I have to look into the Inbox problem a bit more ...
Kim
I have tried this (diabling Smartphone) on my MDA Pro II, but still get the symptoms described above.
The basics work (PPTP, L2TP/IPSec with pre-shared key).
I have my SBS2003 CA authority cert installed in the Trusted certs stash. I assume that I need a device certificate.
I have a Windows Server CA. What type of certificate do I need to install, and how, to get the L2TP/IPSec client to pick up the right stuff.
Has anybody ever managed to get a connection to a Cisco VPN? I just can't get it to work at all :-(
G
gquipster said:
Has anybody ever managed to get a connection to a Cisco VPN? I just can't get it to work at all :-(
G
Click to expand...
Click to collapse
No - we now publish a TS session from our servers.
gquipster said:
Has anybody ever managed to get a connection to a Cisco VPN? I just can't get it to work at all :-(
G
Click to expand...
Click to collapse
Yes. Assuming that you are using IOS, you will need something like
Code:
vpdn enable
!
vpdn-group L2TP
! Default L2TP VPDN group
accept-dialin
protocol l2tp
virtual-template 1
no l2tp tunnel authentication
! Not all of the options are necessary
interface Virtual-Template1
! BVI1 cd be some other interface
ip unnumbered BVI1
no ip redirects
no ip unreachables
no ip proxy-arp
ip accounting access-violations
ip nbar protocol-discovery
ip flow ingress
ip flow egress
ip virtual-reassembly
ip route-cache flow
! Easier to get the IP address from a local pool
peer default ip address dhcp
ppp mtu adaptive
! optional
ppp lcp predictive
! eap only if you authenticate users by certificates
! You will need to ensure that it matches your
! aaa authentication ppp default ...
! You may also need a
! aaa authorization network ...
ppp authentication eap ms-chap-v2
! optional
ppp ipcp header-compression ack
! optional
ppp ipcp predictive
! necessary to get unique DHCP addresses
ppp ipcp username unique
crypto isakmp policy 100
encr 3des
authentication pre-share
group 2
crypto isakmp key <yourkey> address 0.0.0.0 0.0.0.0 no-xauth
crypto ipsec transform-set 3DESSHA esp-3des esp-sha-hmac
mode transport
!
crypto dynamic-map DYN-L2TP 100
set transform-set 3DESSHA
!
!
crypto map STATIC-L2TP 100 ipsec-isakmp dynamic DYN-L2TP
interface ATM0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip accounting access-violations
ip route-cache flow
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
description $ES_WAN$$FW_OUTSIDE$
! whatever is needed for your external interface
!
crypto map STATIC-L2TP
for pre-shared key access.
Not to be stupid but IOS?
How would I set this up?
Being able to access work would be fantastic!!!
Thanks!!!
G
Sorry, but these are configuration commands for your Cisco router.
Ah yes there in lies the rub. It's work's VPN server which I want to access :-(
Been considering seeing if i can set up a VPN tunnel through my home firewall (Netgear) so theoretically I could connect over the net to my firewall and then over my firewall to works VPN but I don't know much about it to be honest
Hey together,
I´m searching for an update or something else, so I can use my Wizard in a WPA wireless environment.
Can somebody help me, what I can do???
Thanks a lot
br
Martin
The Wizard has always supported WPA/WPA-PSK Authentication and TKIP Encryption. It is easy to set up but if you use the WPA-Enterprise (NOT WPA-PSK) with 802.1x PEAP or EAP-TLS then it requires Certificates to be installed on your device. Server Certificates can be installed easily by way of a .CAB file but you must enroll for Client Certificates. HTC include a Certificate Enrollment untility the 'Wireless' utility, however this requires a Windows 2000/2003 CA Server and cannot enroll with other CA's.
AKU 3.x added support for WPA2/WPA2-PSK Authentication and AES Encryption, however since a real AKU 3.x update has never been provided for the Wizard there are only hacked versions available (Faria's etc). I can confirm though that Faria's AKU 3.3 ROMs have this support and it does work (I am now only using WPA2 & AES at home and it works well). WPA2 has the same authentication requirements as WPA (i.e. Certificates).
Setting the Wireless AP's up varies on each device type, plus WPA-PSK/WPA2-PSK doesn't require Radius server(s) configuring whilst WPA/WPA2 does.
Andy
I have tried searching the forums information about the possibility to use WPA2-Enterprise on Windows Mobile. What i have found is that is not currently implemented in WM6. Does anyone have information if it implemented in WM6.1? Are there any 3:rd party applications that can give you access to a WPN2-Enterprise network?
//Awi
WPA2 & WPA2-PSK are, but WPA2-Enterprise is not showing in any of the
Wireless LAN setup dialogs in WM6v1.
vdot said:
WPA2 & WPA2-PSK are, but WPA2-Enterprise is not showing in any of the
Wireless LAN setup dialogs in WM6v1.
Click to expand...
Click to collapse
There isn't a separate WPA2-Enterprise, it is just the WPA2 Authentication option in the drop-down list. The 'Enterprise' name only comes from the fact that authentication is performed by a centralised RADIUS server that the WiFi access point sends authenticaion requests to. This is in contrast to WPA-PSK and WPA2-PSK that uses a Pre-Shared-Key (PSK) configured locally on the WiFi AP.
With WPA/WPA2 the WiFi clients use 802.1x EAP authentication, however WM5/6 only supports two EAP types - PEAP and EAP-TLS (Smart Card or Certificate). In both cases at least one certificate is required to get it working. I currently use WPA2 with EAP-TLS authentication and AES encryption and it works perfectly.
What issues are you having?
Andy
ADB100 said:
There isn't a separate WPA2-Enterprise, it is just the WPA2 Authentication option in the drop-down list. The 'Enterprise' name only comes from the fact that authentication is performed by a centralised RADIUS server that the WiFi access point sends authenticaion requests to. This is in contrast to WPA-PSK and WPA2-PSK that uses a Pre-Shared-Key (PSK) configured locally on the WiFi AP.
With WPA/WPA2 the WiFi clients use 802.1x EAP authentication, however WM5/6 only supports two EAP types - PEAP and EAP-TLS (Smart Card or Certificate). In both cases at least one certificate is required to get it working. I currently use WPA2 with EAP-TLS authentication and AES encryption and it works perfectly.
What issues are you having?
Andy
Click to expand...
Click to collapse
hi currently my co is using peap via certificate..however the certificate can be found onli in the laptop. do you think i can export it out from the laptop and import to the pda? thanks
devil_82 said:
hi currently my co is using peap via certificate..however the certificate can be found onli in the laptop. do you think i can export it out from the laptop and import to the pda? thanks
Click to expand...
Click to collapse
All you need on the PDA is the servers public certificate to be in the Root Certificate store, you don't actually need a personal certificate on the PDA (unless you are performing PEAP with user certificates as opposed to PEAP with EAP-MSCHAPv2). To do this you would need to export it from the server or your PC and then import it on your PDA.
There is a post in another thread about disabling the certificate validation with WM5/6 which I haven't tried but looks like it should work and you wouldn't need to import the certificate:
http://forum.xda-developers.com/showthread.php?t=283380
Andy
I have nw got youtube playing through a media streamer but only through IE, I have tried all the settings at opera:config but that hasnt worked......
How do I get youtube to display the video so I can use the press play button as I can when I use IE? All opera is does when i select a video is show me text...... anybody know what im doing wrong or need to do?
WELL?!?
45 views and no one can tell me why opera wont let me select press play on youtube when it did before i upgraded to tomal? IE does.
After I hard reset and install opera all my bookmarks are still there, HOW DO I COMPLETELY ERASE ALL HISTORY WITH OPERA?
Am I speaking English? how is this a hard question for you 'experts'????
perhaps you you will find a solution after check this thread ~ http://www.jayceooi.com/2010/04/01/...-mobile-10-with-adobe-flash-lite-3-1-support/
Hi! I'm a noob with a newby question.... plz help.
I have just been given a XDA EXEC (UNIVERSAL) and the wi fi just seems too confusing :/ what is WPA-PSK, WPA, shared and Open? I have bt home hub, all i want is the screen to enter the wireless key i dont understand all the option...... I mean, it is wi fi I want and not wireless lan?
Thank you in advance and I will use the thank you button, I have found that!
WPA ( Wifi Protected Access ) is a more robust security technology for Wi - Fi network than WEP. This provides strong data protection by using encryption and strong access control and user authentication. WPA uses encryption keys 128 - bits and dynamic session keys to ensure the privacy of your wireless network and security companies.
There are two basic forms of WPA:
- WPA Enterprise ( requires a Radius server )
- WPA Personal ( also known as WPA - PSK )
Either can use TKIP or AES for encryption. Not all WPA hardware supports AES.
WPA - PSK is basically an authentication mechanism in which the user provides some form of credentials to verify that they should be allowed to access the network. This requires a single password entered into each node (WLAN Access Points, Wireless Routers, client adapters, bridges ). During game password, the client will be given access to the WLAN.
Encryption mechanisms used for WPA and WPA - PSK are the same. The only difference between the two is in the WPA - PSK, authentication is reduced to a simple common password, instead of a specific user credentials.
Pre - Shared Key ( PSK ) mode of WPA is considered vulnerable to the same risks as any other shared password system - dictionary attacks for example. Another problem might be key management difficulties such as removing a user once access has been granted where the key is shared among multiple users, it is not possible in the home environment.