Hello everyone
Last school year, when I still had the original WM5 ROM on my Uni, I could connect to my school's wifi network that requires:
- WPA-Enterprise (Not WPA2!)
- AES encryption (AES on WPA - not 2 - looks a bit strange, but it«s the way it is setup on Windows 7 that can connect)
- PEAP for the EAP
- The routers are Cisco gear so I suppose they use Cisco LEAP
- No certificate (do not validate server cert)
On WM5, I could connect: I could select WPA on the first dropdown of the network settings, then on the box below that one I selected AES. Next step, I selected PEAP for the EAP type, and Finished. then I added a registry key somewhere so it wouldn't try to validate the server certificate. It asked for my credentials when I tried to connect to the network, and it connected fine and worked well.
Now I use a WM6 ROM, Tomal 8.9. I can select WPA but there is no AES option, only TKIP. I already added the registry key for it not to validate the server certificate, but it isn't even trying to validate the cert - doesn't get to that step, the furthest I could go was having it asking my network credentials in an infinite loop.
Should I try another ROM? (oh, and BTW, I'm sure that the network doesn't use WPA2, but WPA with AES encryption)
Any help is greatly appreciated. Even because I don't have a 3G data plan and the wifi at school was very useful.
Regards
Nevermind. After inputing my network credentials enough times, I could connect using TKIP. But somehow Windows computers are still configured for WPA AES instead of TKIP, which is strange. Anyways, it works now, and that's what matters.
Related
Hey Guys,
I have a 8125 from Cingular and when, when i try to log in to my work wireless network, after typying in my username, password and domain, it gets connected and as soon as it does message pops out saying: "cannot log on to the wirells network. This network requires a personal certificate to positively identify you."
so pretty much i can't get connected, what should i do to resolve that?
Here are the network card settings for my work access:
Authentication: WPA
Data Encription: TKIP
802.1x
EAP type: PEAP
thanks
I have the exact same problem as you. I haven't been able to figure it out either. I believe my connection is LEAP though, not PEAP.
ive just set up my home network. I got everything working on the setup, main puter, 3 laptops, XDA mini s and XDA2i. I then added wpa psk with tkip. The laptops and the main puter all work fine but both the XDA's with the password entered just sit there either saying connecting or netwok available. They will not connect. Very very frustrating.
Pete
For some reason using PEAP on a Windows Mobile device requires you to have a Client Certificate installed on the device as well as the server certificate. Luckily the Wizard has a certificate enrollment utility built in (Settings, Connections, Wireless LAN). Make sure the certificate template 'ClientAuth' is enabled on the CA Server.
Obviously you need to enroll whilst the Wizard is connected to your PC and on the network.....
HTH
Andy
OK US Robotics MAXG router. All set up, laptops etc working fine. I got the mini s and the xda2i working on it too.
Then i went and stuck the security on it
WPA2 and WPA (PSK)
TKIP and AES
entered all the correct stuff on the computers and working ok.
with both the XDA's it says trying to connect but wont.
I ve looked in the distruction books for both 2i and mini s but they just say you might need to enter some password!!!
so mini s and xda 2i settings are
general tab
network name 'xxxxxxxxx'
connects to 'the internet'
network key tab
authentication 'wpa-psk'
data encryption 'tkip'
network key 'correct entry for my sys'
key index 'greyed out'
802.1x tab
nothing changeable but set to
use ieee 802.1x net access control
eap type 'smart card or cert
they both sit there saying my network is available but wont connect.
anyideas whats going on??
Network Prob
I recall a similiar problem some time ago and as far as I can remember I solved it by changing the encryption to WEP. It's worth a try.
Cheers.
Phil C
cheers.... dont want to go to WEP as its crackable in under 5mins by a novice now!!
Seems a bit silly that the XDA's have the apparent ability to do this encription but then won't work.
Pete
Is WEP really that hackable??
heres the info i found on it.
http://blogs.zdnet.com/Ou/index.php?p=42
http://blogs.zdnet.com/Ou/index.php?p=43
http://www.lanarchitect.net/Articles/Wireless/SecurityRating/
worth a read.
I'm using the exact same router with the same wireless security config. While other clients can connect to the router using WPA or WPA2 with TKIP or AES encryption, my TyTN simply refuses to connect.
After some intensive trial/error, I figured out the problem to be the TyTN itself, which simply can't get associated with the router when both TKIP and AES is selected on the router. Changing the WPA encryption to TKIP only while keeping both WPA and WPA2 authentication on the MAXg router solved the problem (no need to use the less secure WEP encryption).
Hope this helps.
HT
cheers, i have been playing with my settings too. I found that i had to change to WPA and TKIP only to get he Mini s to connect but hte 2i still wont The only thing i really use the connection at home for is to transfer files if im on the laptop rather than having to go to my main puter and plugging it all in. Its a pain as i tend to use the PDA's at work for stuff. Ill just have to get off my ass n go up stairs and do it now. Its a pain and it should work but im learning that these things aint all they should be
ConnorP said:
Is WEP really that hackable??
Click to expand...
Click to collapse
You bet it is, Try backtrack 2.0 is self booting linux build for "testing network security"
Using a T-mobile MDA Wiz200 w/ WPA-PSK, the correct encryption key, the latest ROM update, and 802.11g enabled, I cannot login to a network with WPA-PSK encryption. That WPA-PSK network does not require a certificate or smart card. The network is detected, MDA tries repeatedly to connect, but no IP address is provided. I can login to Open, WEP encrypted access points, and T-Mobile Hotspots with no problems.
With WPA-PSK enabled, if I click Settings, Connections, Network cards, the access points name, and 802.1x, the checkbox for 802.1x network access control can't be unchecked, although a checkbox is displayed. I believe this is the problem because when I use my HP laptop's built in wireless and uncheck the same 802.1x network access control option, I can login to the WPA-PSK encrypted network with no difficulties.
Question: Does anyone have a hack or suggestion for a way to allow the IEEE 802.1x network access control requirement to be unchecked on a T-mobile MDA Wiz200 Windows Mobile 5.0? Any suggestions are appreciated!
ROM version: 2.16.10.2 WWE
Radio version: 02.15.11
Protocol Version: 4.1.13.12
ExtRom version: 2.26.10.105
Windows Mobile 5.0 OS 5.1.185 (Build 14955.2.3.0)
Hi, just wanted to note that I'm having a similar/the same issue. Router is a Linksys WRT54G running standard firmware, no Open WRT. I've been able to connect my MDA to every other access point I've tried without problems, but I cannot get it to connect to my own G router with WPA-PSK. Same behavior as above post. Any help would be greatly appreciated!
i haven't seen wpa in any rom except for orwells1984. even the pdaviet roms dont have it.
WPA/WPA-PSK authentication and TKIP encryption are included in ALL ROMs for the Wizard, no execeptions. Faria managed to add WPA2 & WPA2-PSK authentication as well AES encryption in his AKU 3.3 ROMS which I can verify works perfectly (WPA2 & WPA2-PSK both with AES encryption). The reason 802.1x is greyed out with WPA-PSK & WPA2-PSK is it isn't relevent with this authentication type. WPA & WPA2 (Enterprise) requires a back-end RADIUS Server that performs the authentication using 802.1x.
With WPA-PSK & WPA2-PSK you are relying on knowing the Pre-Shared-Key (PSK), my guess is you have entered it incorrectly. Re-check the key you entered.
HTH
Andy
Thanks ADB100. Yes, I'm the network engineer that set up the WPA-PSK network I'm trying to access using a Wizard. What you describe is exactly the way it is supposed to work with an initial Pre-Shared Key (but without any Radius Server, smart card or certificate). All my HP and Toshiba laptop users can access that network without problems using their laptops running Windows XP Pro when in Wirelesss Network Connection Properties the "Authentication" tab for a WPA-PSK wireless network has the check box for "Enable IEEE 802.1x authentication unchecked.
Here's what causes my confusion with the Wizard (although this may just be a badly designed GUI in Windows Mobile 5.0). When WPA-PSK with TKIP data encryption is enabled in the Wizard (T-mobile ROM 2.16.10.2.WWE) and I click on the 802.1x tab, a page displays showing a box checked by default which cannot be unchecked to "Use IEEE 802.1x network access control" and with "EAP type: Smart Card or Certificate" also displayed but grayed-out in a drop-down box.
I work for a software development company and we would use that display configuration to show settings enabled by default that cannot be changed. To indicate that settings are not in effect we would either (a) not display any settings at all, or (b) have the tab open but have all the text grayed-out with the "Use IEEE 802.1x network access control" box unchecked, and with a blank field displayed in the "EAP type" drop-down box.
I appreciate your suggestion about making sure the encryption key is correct because its always useful to start with the basics. I'll also try re-entering the key using both the keyboard and the touch screen on the Wizard just to make sure there are no problems with the type of date entry I'm using. However, the encryption key that I've been entering on all the laptops that I've set-up for users of the wireless network has worked fine.
Do you have any other ideas or suggestions?
Hey folks,
I agree with jonmcad that leaving the box checked when grayed out gives the user the impression that this option is selected and cannot be disabled. But I understand that's not what's really going on. As for my wifi problems, after reading several other threads here, I got things working by changing the channel my router was using from 6 to 1. Works fine now. I don't know if changing the channel would be an option in a corporate environment, that's just what worked for me.
I have the same observation as you on a different device.
My PDA is AIRIS T620.
When WPA-PSK is enabled then the checkbox for 802.1x network access control cannot be unchecked (it is grey on the sheet).
I tried to disable 802.1x by different way. I have downloaded Total Commander for PDA (or for Win CE? I don't remember exactly). With the help of that utility the registry can be searched and edited. I have found \\\registry\HKCU\Comm\EAPOL\Config\Network_name\Enable8021x key with 1 as value. I changed the value to 0. After I started network connection the value was changed back to 1. There is another key too: \\\registry\HKCU\Comm\EAPOL\Config\Network_name\EapTypeId. I tried to delete this key while Enable8021x was set to 0. The result was the same: the WPA-PSK connection was unsuccessful and the original keys and values were restored.
I have no other observations ...
László
I had the same problem today while trying to connect to my wpa-psk tkip wifi. Then i remembered i had messed around with Advanced Config, setting wpa authentication to enabled. So i reseted it back to disabled and after soft reset i was once again able to connect to my wpa-psk tkip network.
I met the same issue.
1. I use WPA2/PSK - AES or TKIP
2. "Use IEEE 802.1x network access control" is checked, and grayed. I can't uncheck it.
3. My phone can connect to the router, but IE won't show a webpage.
4. While my laptop works fine.
Hi guys, does anybody found a solution for this?
Can anyone find the solution for this as i Have HTC Touch Diamond.
I've been struggling with this for a week now. Looking at my laptop as a guide, I've got the connection on my phone set up as follows:
Authentication: Open
Data Encryption: WEP
Key is automatically provided: yes
Uses IEEE 802.1x network access control: yes
EAP type: PEAP
I was given a certificate by the IT guys and it installs fine on my phone under root certificates.
When I attempt to connect to the network, it keeps coming back with an error saying the I need to have a personal certificate to positively identify me. Hmmm...
I do have a certificate! Is there a difference between the root and personal certificates? Do I need a personal certificate for some reason or should the root certificate that I was given suffice?
Any suggestions? This is driving me crazy!
Thanks!
Same here...
I am having the same exact problem!
Me too! Except with WPA2 AES (and WPA TKIP, our AP supports both).
Did you try disabling proxy ?
I have that problem too at my work. The problem is that you will need a username and certificate so that the server will accept you as a user. Now you can only connect but you can't do anything without the username, u see
Hi
I'm using a T-Mobile MDA Vario III. I would like to be able to connect to my home network via the wifi/wlan (what's the difference).
On my router I use WPA/WPA2 with PSK authentication - not 802.1x.
I ave never been able to configure the VIII to connect, it always wants use this 802.1x thing and it's greyed out.
Is there some way of getting rid of it? If I use open network it connects ok.
Please help I am heading for a breakdown!
thanks
Mike
I think you are missing how these things work.....
WPA is either PSK or Enterprise - PSK you enter a key (Pre-Shared-Key), Enterprise the key is dynamically assigned. This is the same for WPA2. The reason it is greyed out when you select WPA or WPA2 is it isn't an option, with WPA-PSK & WPA2-PSK a manual key is mandatory.
If you use WPA or WPA2 (Enterprise) then you MUST have a centralised Authentication mechanism in place (RADIUS).
Does this help?
Andy
Ummm... not really, sorry.
I've attached a couple of screen shots if that helps.
On my router (it's a Belkin) the ieee 802.1x is off when I select wpa2 and psk (i don't have anything for tkip, and have no idea about what the other settings mean when it's not psk).
It seems incredibly complicated this wifi caper. I've never manged to get to connect to any other network except mine with no security.
dinny66 said:
Ummm... not really, sorry.
I've attached a couple of screen shots if that helps.
On my router (it's a Belkin) the ieee 802.1x is off when I select wpa2 and psk (i don't have anything for tkip, and have no idea about what the other settings mean when it's not psk).
It seems incredibly complicated this wifi caper. I've never manged to get to connect to any other network except mine with no security.
Click to expand...
Click to collapse
No, the reason the options on the 802.1x page are not available is because they don't apply when using Pre-Shared-Keys.
TKIP & AES are the encryption methods used, WPA/WPA2 is the authentication method, they are independant of each other but reliant on each other as part of the standard. i.e. if you want to use WPA-PSK authentication then you have to use TKIP or AES encryption.
I am still confused over your question? I have a HTC Kaiser and it is configured to access multiple networks - one uses WPA2-Enterprise/AES, a couple use WPA-PSK/TKIP, another one uses WPA2-PSK/AES and a few are just Open with no encryption. They all work though.....
Andy
OK, let's approach it a different way round then. How do I configure my VIII to connect to my router, using a secure method?
Thanks
dinny66 said:
OK, let's approach it a different way round then. How do I configure my VIII to connect to my router, using a secure method?
Thanks
Click to expand...
Click to collapse
On your Wireless router or Access Point you enable WPA-PSK or WPA2-PSK for your WiFi network (SSID) and enter a Pre-Shared-Key, depending on the device you may or may not get options for the Encryption type, if you do it will either be TKIP or AES. My access point allows me to use either, however older equipment may only support TKIP, even older equipment may only support WPA-PSK as well and not WPA2-PSK.
Lets pretend you use the WiFi SSID 'MY-WIRELESS' and use WPA-PSK Authentication with TKIP Encryption and a PSK of 'My-H0m3-W1F1'. Lets also assume you aren't making this a hidden network (Broadcast SSID).
On you VIII device you then enable the WiFi (or Wireless its the same thing) when you see the 'MY-WIRELESS' SSID you select it which should open the 1st page of the configuration. Select 'Connects to: The Internet' and click next, then select 'Authentication: WPA-PSK' and 'Data Encryption: TKIP' and enter ''My-H0m3-W1F1' in the 'Network key:' box. Click next, ignore the next page and click finish. That's it.
Andy
That's it! Just like that. I don't believe it.
Thanks muchly!
The Belkin router uses wpa or wpa2 and aes( according to belkin site). Authentication is via 802.1x or PSK, not both.
I did have the VIII set for tkip originally, and wpa2-psk. Set at WPA-psk aes and it went straight on.
Thanks so much Andy. Ur a diamond.