802.1X EAP-TTLS (RADIUS) wireless network authentication using NetworkManager/nm-applet (eduroam)

Same problem here; student at Twente University, the Netherlands. Connecting to the wireless network is quite tricky, even with the description provided by the network administrators. It would help me much if connecting would be made easier.

It also keeps student from trying Ubuntu, because using the wireless network is essential. When it's such a hassle to connect, most users stop using Ubuntu and go back to Windows.

I have figured out how to configure the network manager applet to make it work (screenshot attached). The key was to manually select "Dynamic WEP" ("Automatic" does not work) for key type and other settings as in the image. When this is set once manually the applet will remember the settings.

Still I think it is not ideal since in the initial dialog asking for a network key it is not possible to select the right type (EAP). Since it is possible this is not really a bug anymore but maybe more "wishlist".

Part of trouble is that both PEAP and TTLS don't tell supplicant supported phase2 protocols (some of PAP/CHAP/MSCHAPV2) and another part is that you can't tell NM(-applet) to remember credentials even if something goes wrong. (I filed upstream bug report, feel free to add it to "also affects project": http://bugzilla.gnome.org/show_bug.cgi?id=514363 )

I'm still experiencing problems connecting to the eduroam wlan at my university with the current version of NetworkManager (network-manager-0.7~~svn20081008t224042, Intrepid). Somehow the connection times out, while connecting manually with wpa_supplicant (same settings and certificate ) works like a charm.

I've attached a tarball containing a logfile of NetworkManager, the respective iwevent output and my working wpa_supplicant config.

reopened

Most of the time I can get a connection, but I get disconnected *a lot*. Sometimes I cannot get a connection as described above.

should be fixed in NM 0.7

Well, maybe it should be fixed, but it still doesn't work for me. (I tried it again today with an Intrepid live CD)

Should I open a new bug?

we have a few EAP enterprise regression bugs open. bug 272185 ... and bug 291242 ... does one of those fit your issue?

No, none of these fits my issue. As I said, I don't get any error message, the connection attempt just times out. (I get one if I use an invalid certificate). Everything is working fine if just connect manually via wpa_supplicant (using the wext interface).
I will try again with a Gutsy live CD asap to check if it is a regression.

No regression from 7.10... The old NetworkManager doesn't even give me the option to select EAP as phase 2 authentication.

tdl, the network-manager in network-manager PPA increases the timeout ... so if its just atiming thing it might help you. please test.

See also this bug i'm trying to debug -> http://bugzilla.gnome.org/show_bug.cgi?id=558175
Feel free to track it via LP.