Hey together,
I´m searching for an update or something else, so I can use my Wizard in a WPA wireless environment.
Can somebody help me, what I can do???
Thanks a lot
br
Martin
The Wizard has always supported WPA/WPA-PSK Authentication and TKIP Encryption. It is easy to set up but if you use the WPA-Enterprise (NOT WPA-PSK) with 802.1x PEAP or EAP-TLS then it requires Certificates to be installed on your device. Server Certificates can be installed easily by way of a .CAB file but you must enroll for Client Certificates. HTC include a Certificate Enrollment untility the 'Wireless' utility, however this requires a Windows 2000/2003 CA Server and cannot enroll with other CA's.
AKU 3.x added support for WPA2/WPA2-PSK Authentication and AES Encryption, however since a real AKU 3.x update has never been provided for the Wizard there are only hacked versions available (Faria's etc). I can confirm though that Faria's AKU 3.3 ROMs have this support and it does work (I am now only using WPA2 & AES at home and it works well). WPA2 has the same authentication requirements as WPA (i.e. Certificates).
Setting the Wireless AP's up varies on each device type, plus WPA-PSK/WPA2-PSK doesn't require Radius server(s) configuring whilst WPA/WPA2 does.
Andy
Related
Hi,
I try to establish a vpn connection to our company-VPN.
VPN Gateway is a cisco device. "Normal" connection via notebook with cisco vpn client works.
On my TyTN i installed ncp client. But i dont know how to configure the cisco settings.
On Cisco VPN Client:
- IP Adress of Gateway
- Group Authentication
- Transport IPSec over UDP
On ncp VPN Client:
- IP Adress of Gateway is easy to find
But i cannot assign the other settings. NCP Client has a lot of settings.
Has anybody success to establish vpn connection via windows Mobile to a cisco Gateway ?
Got it. Not the vpn Client was the problem.
The Blackberry connect SW (disabled!) prevented connection via vpn.
Deinstallation of BB Connect und vpn Client from Bluefire works fine.
What did you use as the VPN client to connect into the cisco gateway?
Do you use a RSA secureID token?
I am tring to get a VPN connection running from my HTC p3600i, WM6.
New VPN Client
Since a few days i use another VPN Client: www.ncp.de
Works fine. We do not user RSA Token. Only Group Authentication (free string to identify groups) and XAUTH - user/password.
WinnieK said:
Since a few days i use another VPN Client: www.ncp.de
Works fine. We do not user RSA Token. Only Group Authentication (free string to identify groups) and XAUTH - user/password.
Click to expand...
Click to collapse
Can you write your settings? I can't configre this
Any ideas on a MPPE PPTP VPN via WM6? I have been trying to get this to work for months and can't. I am operating under the presumption that the VPN client in WM5/6/6.1 doesn't support MPPE and I am therefor up S#!T creek without a 3rd party dialer...
(It is a VPN connection to my work and yes as sorry as this is they still use an encrypted PPTP connection for all of their VPN connections. If they would just move on to something a LITTLE more current L2TP/IPsec I wouldn't be having any of these problems...)
But is there such a thing as a 3rd party PPTP VPN client for WM5/6/6.1 I haven't been able to find one...
TIA~
WinnieK said:
Since a few days i use another VPN Client: www.ncp.de
Works fine. We do not user RSA Token. Only Group Authentication (free string to identify groups) and XAUTH - user/password.
Click to expand...
Click to collapse
kindly can you show where to set the Group Authentication ?!!!
New(ish) Cisco AnyConnect VPN Client
Cisco have released an AnyConnect VPN client for Windows Mobile 5/6 (version 2.3.185). This is specifically targetted towards the ASA 5500 platform as the VPN server, however it should also work with IOS VPN devices (I am told?).
I haven't tried it, however I have seen it demonstrated and it all seemed to work.
Personally I prefer the integrated L2TP/IPSec VPN client and have posted previously on how to get this working with Cisco PIX 6.3, ASA/PIX 7.x and IOS devices.
Andy
AnyConnect VPN client will support only SSL VPN, that avaiable on Cisco ASA and IOS from 12.4(20)T or later.
Can I have two VPN connections to two different places on the same computer?
I work at two different medical facilities. I have a VPN connection to one and I'm trying to set up one for the other. When I'm in the New Connection Wizard and I pick "automatically dial connection", it makes me pick the medical facility that I already had on the computer to "automatically dial" when trying to create this new one.
cool vpn has given the users privilege to surf internet with freedom and security Thanks to VPN
After reading many threads and websites, I am still unable to get a solution to my issue regarding specific Wi-Fi connections on my XV6800 / HTC Titan.
My college uses a WPA Enterprise/TKIP secured network using PEAP/EAP-MSCHAPv2 authentication. It is also required that the server's certificate is not checked against a CA for validity.
My problem is that I have been unable to connect to the network.
Using the settings (Authentication: WPA, Encryption: TKIP), I can choose PEAP for Network Authentication, but hitting Properties says "Cannot log on to the wireless network. This network requires a personal certificate to positively identify you."
It will never let me connect because of that.
Now, on the other hand, I tried SecureW2 TTLS as my authentication, and in SecureW2, I setup a profile with it setup to not check the server certificate, and EAP/PEAP for Authentication method/type respectively. As well as to prompt for user credentials.
With this method, I get nothing... Also, Properties near PEAP also says the same thing about the requirement of a personal certificate.
For reference, I'm using DCD's 3.2.0 ROM with Windows Mobile 6.1.
If anyone has any experience with this, please let me know ASAP.
Thank you.
I have tried searching the forums information about the possibility to use WPA2-Enterprise on Windows Mobile. What i have found is that is not currently implemented in WM6. Does anyone have information if it implemented in WM6.1? Are there any 3:rd party applications that can give you access to a WPN2-Enterprise network?
//Awi
WPA2 & WPA2-PSK are, but WPA2-Enterprise is not showing in any of the
Wireless LAN setup dialogs in WM6v1.
vdot said:
WPA2 & WPA2-PSK are, but WPA2-Enterprise is not showing in any of the
Wireless LAN setup dialogs in WM6v1.
Click to expand...
Click to collapse
There isn't a separate WPA2-Enterprise, it is just the WPA2 Authentication option in the drop-down list. The 'Enterprise' name only comes from the fact that authentication is performed by a centralised RADIUS server that the WiFi access point sends authenticaion requests to. This is in contrast to WPA-PSK and WPA2-PSK that uses a Pre-Shared-Key (PSK) configured locally on the WiFi AP.
With WPA/WPA2 the WiFi clients use 802.1x EAP authentication, however WM5/6 only supports two EAP types - PEAP and EAP-TLS (Smart Card or Certificate). In both cases at least one certificate is required to get it working. I currently use WPA2 with EAP-TLS authentication and AES encryption and it works perfectly.
What issues are you having?
Andy
ADB100 said:
There isn't a separate WPA2-Enterprise, it is just the WPA2 Authentication option in the drop-down list. The 'Enterprise' name only comes from the fact that authentication is performed by a centralised RADIUS server that the WiFi access point sends authenticaion requests to. This is in contrast to WPA-PSK and WPA2-PSK that uses a Pre-Shared-Key (PSK) configured locally on the WiFi AP.
With WPA/WPA2 the WiFi clients use 802.1x EAP authentication, however WM5/6 only supports two EAP types - PEAP and EAP-TLS (Smart Card or Certificate). In both cases at least one certificate is required to get it working. I currently use WPA2 with EAP-TLS authentication and AES encryption and it works perfectly.
What issues are you having?
Andy
Click to expand...
Click to collapse
hi currently my co is using peap via certificate..however the certificate can be found onli in the laptop. do you think i can export it out from the laptop and import to the pda? thanks
devil_82 said:
hi currently my co is using peap via certificate..however the certificate can be found onli in the laptop. do you think i can export it out from the laptop and import to the pda? thanks
Click to expand...
Click to collapse
All you need on the PDA is the servers public certificate to be in the Root Certificate store, you don't actually need a personal certificate on the PDA (unless you are performing PEAP with user certificates as opposed to PEAP with EAP-MSCHAPv2). To do this you would need to export it from the server or your PC and then import it on your PDA.
There is a post in another thread about disabling the certificate validation with WM5/6 which I haven't tried but looks like it should work and you wouldn't need to import the certificate:
http://forum.xda-developers.com/showthread.php?t=283380
Andy
Hi, I am from Sweden and this is my first post here at XDA.
I got a HTC p3600, it´s upgraded to WM 6.5 and it works awesome.
Now the problem. The WLAN works great at home and other open networks/ if i got the key.
In my school we got WLAN but i can´t connect to it. I find it in the WLAN-list but there it ends. My friend with an Iphone just select the network and then he can insert his username and password, and woila! He´s in.
When i try to connect the server wants a "Certifikat" in swedish. I have tried to do a "Domain enroll" to get it But it always fail.
I think they use Windows Server 2003.
Does anybody understand my bad language? If you wanna know any more, just tell me.
Same problem here, trying for some weeks to find a solution and so far all attempts with different clients failed. I`m sure it`s not a windows server but a cisco concentrator that let`s You access wlan and it seems there is no free client that can communicate correctly with cisco hardware for winmobile. Iphones have a vpn client directly from cisco integrated and can pass without problems. Try to ask Your computer center what concentrator they use and if they know of a client that supports winmobile.
Some forums mention a registry hack that deactivates certificate authentication but just setting it didn`t help. We`re still trying if this might work in conjunction with a locally installed certificate. Try to get the root certificate of Your CA and import it to Your device. Might help. Somehow they screwed up PEAP on mobile clients cause it`s supposed to work without local certificates but alas...
FlyBy_1 said:
Same problem here, trying for some weeks to find a solution and so far all attempts with different clients failed. I`m sure it`s not a windows server but a cisco concentrator that let`s You access wlan and it seems there is no free client that can communicate correctly with cisco hardware for winmobile. Iphones have a vpn client directly from cisco integrated and can pass without problems. Try to ask Your computer center what concentrator they use and if they know of a client that supports winmobile.
Some forums mention a registry hack that deactivates certificate authentication but just setting it didn`t help. We`re still trying if this might work in conjunction with a locally installed certificate. Try to get the root certificate of Your CA and import it to Your device. Might help. Somehow they screwed up PEAP on mobile clients cause it`s supposed to work without local certificates but alas...
Click to expand...
Click to collapse
Thanks for the answer!
Would it be possible to to install some kind of program from cisco to make it work?
Unfortunately Cisco doesn`t do any winmo clients, they licensed it to other companies. Tried with Root CA yesterday but that didn`t work, maybe we need a valid client cert too. Have to get a personal one from our uni CA the days.
Try installing secureW2
http://www.securew2.com/node/3
This is a program specifically designed to work with wpa2 networks offered through a radius server. Most schools and universities use a radius server. You will need a local login and password though.
When installed, you can select securew2 in the certificate window of wifi settings, when you try to connect to the wireless network.
Thanks for the suggestion. I tried with various clients, none of them worked, securew2 was among them. But maybe it works with fiddyboy.
A page mentioned some older hardware may not cope with mixed wpa modes, maybe P3600 is among them but I really don`t think so...
MAsterokki said:
Try installing secureW2
http://www.securew2.com/node/3
This is a program specifically designed to work with wpa2 networks offered through a radius server. Most schools and universities use a radius server. You will need a local login and password though.
When installed, you can select securew2 in the certificate window of wifi settings, when you try to connect to the wireless network.
Click to expand...
Click to collapse
I am downloading now, will test it tomorrow. Thanks!
Edit: I am not getting it to work. Can someone help me with the settings?
I am sorry, but I don't know what settings to use in your specific case... These settings should be made available by your school or company, most of the time the settings for laptops will give enough information too
which rom do you use to upgrade to windows mobile 6.5
Finally got it to work. We have different WLANs here at our university. I had no luck connecting to our VPN-network so I tried our eduroam WLAN. Eduroam is a roaming network for educational purposes. If You have a login from Your uni/school/whatever You should be able to access the internet from any eduroam network worldwide.
As You said You were asked for a certificate I think Your network relies on the same technologies as ours because I had the same error before. Following explanation:
Our eduroam RADIUS server is certified.
This means our uni gave it a certificate. Our uni was certified by and got a certificate from the DFN (german research net). The DFN was certified by and got a certificate from the german Telekom.
This is called a certificate chain with the DFN as intermediary and Telekom as root certificate authority.
What I had to do is import just the root certificate (from Telekom) to my mobile device by downloading it from our unis webpage, transferring it to the Trinity and just click on it. It confirmed installation and the root ca is listed under the Settings>System>Certificates>Root.
Edit : Normal certs are with *.crt ending. MinMo wants *.cer-files. If You only can get Your hands on *.crt import them into Your PC browser, export from there with DER-encoding and rename *.der to *.cer. That`s it.
Our eduroam RADIUS server authentication is via PEAP.
So I configured the network connection like this:
connects to : internet
authentication : wpa2
data encryption : aes
eap type : PEAP
Connect. When prompted put in Your uni account credentials.
This worked on WinMo 6.1 and 6.5 Without the ValidateServerCert reghack or any other other special program.
WinMo5 failed! Also tried the ValidateServerCert reghack but it`s of no use. Think it`s because WM5 has no wpa2-aes support. If Your RADIUS allows wpa and tkip it may work.
Maybe if this doesn`t work Your server it uses something other than wpa2 or aes. Try different options. Maybe it`s not using PEAP. Ask Your admin but try with a certificate first.
The strange thing is that PEAP was used to avoid handling of certificates; it`s especially there to NOT have to fiddle with them. Anyway, this works here, hope this is the solution for Your location...
you should just buy a protable harddrive or a flash drive and transfer your files onto that and then onto your computer.
Hi, I have same problem, trying to use eduroam on CTU, my Notebook/Laptop WiFi work ok, but I can't connect with TD2 Topaz. I have instaled required certificate, but in options I have no way to set concrete RADIUS server to connect (which is required to be specified in settings on Notebook). Any ideas please? I Also installed securew2, but I can't add Cesnet CA in securew2 options, even it is installed in system (I is present in setings-certificates in WM).
When You have WinMo 6.1 You shouldn`t need securew2 and there is no need to explicitly set RADIUS IP. Have You tried eap-type : PEAP ? What`s the error message if any ?
I have nw got youtube playing through a media streamer but only through IE, I have tried all the settings at opera:config but that hasnt worked......
How do I get youtube to display the video so I can use the press play button as I can when I use IE? All opera is does when i select a video is show me text...... anybody know what im doing wrong or need to do?
WELL?!?
45 views and no one can tell me why opera wont let me select press play on youtube when it did before i upgraded to tomal? IE does.
After I hard reset and install opera all my bookmarks are still there, HOW DO I COMPLETELY ERASE ALL HISTORY WITH OPERA?
Am I speaking English? how is this a hard question for you 'experts'????
perhaps you you will find a solution after check this thread ~ http://www.jayceooi.com/2010/04/01/...-mobile-10-with-adobe-flash-lite-3-1-support/
Hi! I'm a noob with a newby question.... plz help.
I have just been given a XDA EXEC (UNIVERSAL) and the wi fi just seems too confusing :/ what is WPA-PSK, WPA, shared and Open? I have bt home hub, all i want is the screen to enter the wireless key i dont understand all the option...... I mean, it is wi fi I want and not wireless lan?
Thank you in advance and I will use the thank you button, I have found that!
WPA ( Wifi Protected Access ) is a more robust security technology for Wi - Fi network than WEP. This provides strong data protection by using encryption and strong access control and user authentication. WPA uses encryption keys 128 - bits and dynamic session keys to ensure the privacy of your wireless network and security companies.
There are two basic forms of WPA:
- WPA Enterprise ( requires a Radius server )
- WPA Personal ( also known as WPA - PSK )
Either can use TKIP or AES for encryption. Not all WPA hardware supports AES.
WPA - PSK is basically an authentication mechanism in which the user provides some form of credentials to verify that they should be allowed to access the network. This requires a single password entered into each node (WLAN Access Points, Wireless Routers, client adapters, bridges ). During game password, the client will be given access to the WLAN.
Encryption mechanisms used for WPA and WPA - PSK are the same. The only difference between the two is in the WPA - PSK, authentication is reduced to a simple common password, instead of a specific user credentials.
Pre - Shared Key ( PSK ) mode of WPA is considered vulnerable to the same risks as any other shared password system - dictionary attacks for example. Another problem might be key management difficulties such as removing a user once access has been granted where the key is shared among multiple users, it is not possible in the home environment.