EAP TTLS PAP authentication - Android Software Development

I have written a WiFi client that supports OPEN and Preshared key networks, and am trying to add EAP TTLS PAP authentication. The Android WifiConfiguration class has settings for supporting preshared keys, but I don't see how to set the various fields for EAP TTLS PAP, such as inner and outer identity, password.
Has anyone tried to do this?

pliaw said:
I have written a WiFi client that supports OPEN and Preshared key networks, and am trying to add EAP TTLS PAP authentication. The Android WifiConfiguration class has settings for supporting preshared keys, but I don't see how to set the various fields for EAP TTLS PAP, such as inner and outer identity, password.
Has anyone tried to do this?
Click to expand...
Click to collapse
I have the same problem, my friend has an Eris that has all the additonal config parameters you mentioned (inner/outer tunnel, etc...)

Related

Wifi Help.....Please

Hi, Can anyone help me with the settings I need to connect my Wanadoo Livebox with my O2 XDA Exec using wifi??
I already connect with my laptop and my wife's ipaq but can't with the exec.
I have 128 bit wep enabled and have put the key successfully into the exec but all that happens is: "connecting" followed by "available"?
I can see the network fine and when I check the livebox config.....the mac address of the exec is there along with the other two devices, so it's mac associated.
At the moment I'm using:
Network Cards Tab:
Wireless Tab:
Shows my livebox with the alternating connecting/available message.
Clicking on the shown network (my livebox) brings up the settings:
General Tab:
Network name: shows the correct SSID for my livebox
Connects to: The Internet.
Network Key Tab:
Authentication: WPA-PSK (Although I've also tried this on "open").
Data Encryption: TKIP.
"The key is automatically provided" box is ghosted.
Network key: Correct wep key, tried in upper and lower case.
Key Index: Is ghosted but shows "1".
802.1x Tab:
All ghosted......
But shows a ticked box for "use IEEE 802.1x network access control".
EAP type: Smart Card or Certificate.
Back to previous menu:
Networks to access: All Available.
Network Adapters Tab:
My network card connects to: The Internet.
As for the list of adapters......I have changed nothing as I know nothing!!
The list is a mystery to me.....I thought there would be just one.....??
Wireless LAN Tab:
Main Tab:
Status: Scanning network...
SSID: Blank.
TX Rate: Auto.
Mode: Infrastructure.
Channel: Blank.
BSSID: Blank.
MAC: Contains the associated MAC addy.
IP: Blank.
Signal Quality: Blank.
Settings Tab: Untouched.
LEAP Tab:
SSID: Shows my livebox, correctly named.
Authentication Type: Open System
Here, I have input my wanadoo user name and password.
Authentication Type: Open System. ( I have tried this with "EAP" selected but it has made no difference).
I have tried changing most of these settings with no luck...... I 've also tried removing the network (livebox) and letting it find it again with the default settings..... All I get is the same alternating messages prev mentioned??
Sorry this is so long....but thought I'd better put as much info in as possible
Can anyone help me?
Many Thanks in advance
Tim
Rom version 1.13.82 WWE
Rom date 11/30/05
Radio version 1.04.02
Protocol version 42.37.P8
ExtROM version 1.13.188 WWE
I have 128 bit wep enabled
Click to expand...
Click to collapse
Authentication: WPA-PSK (Although I've also tried this on "open").
Data Encryption: TKIP.
Click to expand...
Click to collapse
It looks like you're using 128bit WEP Encryption, and trying to connect using WPA-PSK Encryption ?
I'm no expert on setting up Wireless connections, but you'll want to recheck your settings and ensure you're using the same Encryption security on both your Wanadoo Livebox and the Exec.
"The key is automatically provided" box is ghosted.
Network key: Correct wep key, tried in upper and lower case.
Key Index: Is ghosted but shows "1".
Click to expand...
Click to collapse
Working from memory, you will need to set your Exec to WEP, which will unghost(?) the "The key is automatically provided". Uncheck the box and then type in your WEP key. Also ensure the Key Index is set to the same as your Wanadoo Live box.
At the moment, when it says "available", it basically means you have attached to the Wireless AP, but not authenticated (again, your trying to use different security types), so no IP is handed out to your Exec, thus no access..
Last time I tried setting up my Exec wirelessly I ended up hard resetting it, as I could no longer surf via the USB cable. YMMV of course..
cheers
Do you have DHCP enabled? Are your IP addresses static or dynamic?
Maybe they connect to eachother but if the IP addresses belong to different sub-nets, they will not allow any transfering.
I vaguely remember other people having problems with their Livebox and not being able to resolve them.
Might be worth searching the forums for 'livebox' to see what crops up. IIRC the problems were never solved. Wanadoo weren't interested in helping either.
Hi and Thanks.
I haven't got dhcp enabled so I believe the ip is dynamic?
I've changed my settings to "open" instead of "WPA-TPIK" and reinput my wep key.... but still with no luck
Aaah That's interesting.... and sounds about right for Wanadoo!!
I'm off to search now.
Thanks Again
Tim
TigerTim36 said:
Hi and Thanks.
I haven't got dhcp enabled so I believe the ip is dynamic?
I've changed my settings to "open" instead of "WPA-TPIK" and reinput my wep key.... but still with no luck
Aaah That's interesting.... and sounds about right for Wanadoo!!
I'm off to search now.
Thanks Again
Tim
Click to expand...
Click to collapse
Did you check the IP address that the Universal is using? Maybe you have to assign one within the subnet mask in the settings of the Wifi configuration of the universal. Normally, they asign in the 169.x.x.x grouping and the routers are normally 192.x.x.x so they will connect but will not send data to eachother.
Wep Keys
It's worth noting that you can usually input the key in hex or Ascii - I believe the key in the XDA will be in hex so make sure that the key in the AP is also in hex (I know that mine works when I use hex on both sides).
Dave
Hi Jorge, Only problem is which adapter settings to change from the list....I changed the settings for the first one in the list and input the correct primary and secondary DNS then input the correct ip addy and netmask and gateway......but still no joy
Do you know which adapter?
Thanks
Tim
Hi Dave, I used the keyboard to put the wep key in, as I did with the ipaq (no problem). How do I input it in using hexadecimal on the exec??
Much Appreciated....... anythings worth a try
Thanks
Tim
I believe the adapter is the tiacxwin CompatibleWireless Ethernet. It might be easier to just enable DHCP on your router, maybe? Don't you think?
Re: Wep Keys
Beridor said:
It's worth noting that you can usually input the key in hex or Ascii - I believe the key in the XDA will be in hex so make sure that the key in the AP is also in hex (I know that mine works when I use hex on both sides).
Dave
Click to expand...
Click to collapse
I have the similar problem with a LinkSys router before which generates a HEX pass key based on the ASCII phrase you provide, which did confuse me a bit. It is the HEX key you need to set.

Does Hermes support AES-CCMP EAP PEAP MSCHAPv2 CA validation auth key mgt 802.x?

We have having difficulties connecting to WiFi with the Hermes.
Our WiFi platform requires support of
WPA2 AES-CCMP EAP PEAP MSCHAPv2 CA validation auth key management 802.1x
According to Microsoft support both Windows Mobile 5 (AKU 0.3 and newer) and Windows Mobile 6 Operating Systems are capable of supporting this, but the question is whether the Hermes WLAN Host Controller chip and driver(s) support it.
We don't seem to get anywhere with Dopod / HTC support on this ... so I was wondering whether anyone here in the Forum can confirm or deny whether this is supported, thanks.
AES-CCMP EAP PEAP MSCHAPv2 CA validation auth key mgt 802.x?
I am copying/pasting this from my post on MSDN. I worked on this problem for days and i'm quite frustrated that Microsoft did not fix it right out of the box. I'm not sure how much it will help but hopefully it will get you connected or at least point you in the right direction. It seems to be centered around some missing or incorrectly configured registry keys:
---------------------------------------
Greetings,
I am using a similar system and I was able to get my Windows Mobile Pro 6.1 (HTC Mogul) to work after 3 days of troubleshooting. Thanks goes to Tom_HHA above who commented on the EAP extention number (25 vs 26) and to IANA for their help publishing the applicable RFCs.
http://www.iana.org/assignments/eap-numbers
Below is my configuration. It may or may not be applicable to your situation but it may help get you connected.
Tom_HHA commented that after pressing FINISH he was prompted for he username, password, domain repeatedly.
"The device ask for a domain username/password but keeps redisplaying the prompt after 5sec or so"
I do not have a complete understanding of why but after making the necessary registry changes I was also prompted for my username/password repeatedly. I entered the password once, checked the "save password" box and just kept pressing OK until the window went away. I *suspect* (although I could be terribly wrong) that WM is attempting the connection using various adapters until it finds one that works. If anyone from Microsoft can help explain why pressing OK once causes the prompt to reappear but pressing OK several times leads to a successful connection? I also would like some additional clarification about the "network adapters" tab, how to use that tab and what effect that has on the existing connections. My currently highlighted adapter is PPTP NDISWAN Miniport but I strongly suspect the highlighted adapter is not indicitive of what adapter is actually being used.
If anyone has any difinitive answers then I would appreciate sharing of knowledge.
REGEDIT4
[HKEY_LOCAL_MACHINE\Comm\EAP\Extension]
[HKEY_LOCAL_MACHINE\Comm\EAP\Extension\26]
"ValidateServerCert"=dword:00000000
"InteractiveUIPath"="eapchap.dll"
"Path"="eapchap.dll"
"InvokeUserNameDialog"=dword:00000001
"InvokePasswordDialog"=dword:00000001
"FriendlyName"="MSV2-Challenge"
[HKEY_LOCAL_MACHINE\Comm\EAP\Extension\4]
"Path"="eapchap.dll"
"InvokeUserNameDialog"=dword:00000001
"InvokePasswordDialog"=dword:00000001
"FriendlyName"="MD5-Challenge"
[HKEY_LOCAL_MACHINE\Comm\EAP\Extension\25]
"ValidateServerCert"=dword:00000000
"EAPMSCHAPv2Only"=dword:00000001
"InteractiveUIPath"="eaptls.dll"
"Path"="eaptls.dll"
"ConfigUIPath"="eaptls.dll"
"InvokePasswordDialog"=dword:00000001
"InvokeUserNameDialog"=dword:00000001
"FriendlyName"="PEAP"
[HKEY_LOCAL_MACHINE\Comm\EAP\Extension\13]
"FriendlyName"="Smart Card or Certificate"
"IdentityPath"="netui.dll"
"ConfigUIPath"="netui.dll"
"InteractiveUIPath"="netui.dll"
"Path"="eaptls.dll"
Add a network:
Network Name: (your ssid)
Connects to: Work
This is a hidden network: Checked
Configure Network Authentication:
Authentication: WPA
Data Encryption: TKIP
Key Provided Automatically: Checked
Configure Network Authentication: (screen #2)
Use IEEE 802.1x network access control: Greyed out and checked
EAP Type: PEAP
(I did not click on the Properties button - just click FINISH)
Edit/Delete Message
hi
i wrote my 802.1x problem here
will these registry settings solve ?

Cisco VPN Config HOWTO

I have posted this at DARKYROM, i thought it might be useful here too.
Heres a quick "how to" get Cisco IOS VPN working with DARKYROM native vpn client
because of the limitations in android we cannot use group authentication, it does not work.however this how to will show how you to create an L2TP/IPSec tunnel from your Cisco @ work or home to your droid (Preferably darky rom) native client. I.E. settings > wireless & networking> vpn
there is only one prerequisite and that is that you have advandced ip services ios ( required for ipsec)
heres the cisco config additions, please change the stuff in the <CHANGE ME>.
aaa new-model
!
aaa authentication login default local
aaa authentication ppp default local
aaa authorization exec default local
!
user <USERNAME> password <PASSWORD>
!
vpdn enable
!
vpdn-group L2TP
! Default L2TP VPDN group
accept-dialin
protocol l2tp
virtual-template 1
no l2tp tunnel authentication
!
!
!
crypto isakmp policy 10
encr 3des
authentication pre-share
group 2
lifetime 3600
crypto isakmp key <KEY> address 0.0.0.0 0.0.0.0 no-xauth
crypto isakmp keepalive 3600
!
crypto ipsec transform-set ipnetconfig esp-3des esp-sha-hmac
mode transport
!
crypto dynamic-map ipnetconfig-map 10
set nat demux
set transform-set ipnetconfig
!
!
crypto map cisco 10 ipsec-isakmp dynamic ipnetconfig-map
!
interface FastEthernet 4 (This is the OUTSIDE interface, this may be different on your router)
ip address dhcp
duplex auto
speed auto
crypto map cisco (This is the line required to your outside interface)
!
interface Virtual-Template1
ip unnumbered FastEthernet 4 (This is the OUTSIDE interface, this may be different on your router)
peer default ip address pool poolipnetconfig
ppp encrypt mppe 40
ppp authentication ms-chap-v2
!
!
ip local pool poolipnetconfig 172.16.0.9 (change this to whatever range your lan is as this is the address that will be assigned to your droid)
!
end
DO NOT Just copy and paste this onto your router. you must edit it first and remove the comments and the brackets.
Please change the ip, username, passwords and keys to make this work.
then basically on your droid goto the vpn settings and create a L2TP/IPSec vpn. input a name a shared key and the ip address or dns name of your router (internet address).
save the config and try to connect, this will ask for the aaa username and password. enter this and then it should connect. wayhey!!!!!!!!!!!!!!!!!
Any chance SSL VPN can work?
hmmmm dunno i have not tried... maybe ill have a go
hvc123 said:
hmmmm dunno i have not tried... maybe ill have a go
Click to expand...
Click to collapse
I found a Cisco Anyconnect client on the market.
https://market.android.com/details?id=com.cisco.anyconnect.vpn.android&feature=search_result
Just need to acquire mobile licenses for the ASA...

Adding Wifi network with Radius PEAP authentication

Hi,
is it possible to add Wifi network with Radius PEAP authentication ?
If yes, could you help me how to add it ?
Thanks.

Authentication type bug detected in TF101G

Hi all.
I have detected a bug in authentication type option when configuring a new APN for 3G connection.
In my company, mobile devices connect via 3G connection to corporate network resources. The authentication is provided by our corporate RADIUS server. For reasons not related to this issue, the RADIUS server only provides PAP authentication.
So I have set in TF101G's APN configuration username and password and entered PAP authentication type, but I cannot access to my network resources behind APN.
I have obtained some log and sniffer traces from our corporate RADIUS server where I can observe that TF101G always tries to authenticate using CHAP. So that's the reason why authentication fails.
I've also tested it with samsung smartphones and tablets and it works Ok!!
So I would be pleased if you could verify this same behavior in TF101G. But you would need to obtain sniffer traces from authentication process to verify.
Please, could you confirm this behavior?
Many thanks in advance and best regards,
Ernesto.
sometimes my lips get CHAPPED
Don't worry about that. Wikipedia is up again:
en[dot]wikipedia[dot]org[slash]wiki[slash]Chapped_lips
Best regards,
Ernesto.

Categories

Resources