Difference between revisions of "Virginia Tech Wifi (OLD)"
(→Select a connection method) |
imported>Mutantmonkey |
||
| Line 7: | Line 7: | ||
! Network | ! Network | ||
! Authentication | ! Authentication | ||
| − | ! | + | ! Encryption |
! Setup | ! Setup | ||
! Support | ! Support | ||
| Line 13: | Line 13: | ||
| VT-Wireless | | VT-Wireless | ||
| Strong, two way ([[EAP-TLS]]) | | Strong, two way ([[EAP-TLS]]) | ||
| − | | | + | | Strong |
| Involved | | Involved | ||
| Many devices (Laptops and [[Android]] devices) | | Many devices (Laptops and [[Android]] devices) | ||
| Line 19: | Line 19: | ||
| VT-Wireless | | VT-Wireless | ||
| Good ([[PEAP-MSCHAPv2]]) | | Good ([[PEAP-MSCHAPv2]]) | ||
| − | | | + | | Weak |
| Simple | | Simple | ||
| Most devices | | Most devices | ||
| Line 25: | Line 25: | ||
| [[VT_WLAN]] | | [[VT_WLAN]] | ||
| Weak ([[w:Captive portal|Captive portal]]) | | Weak ([[w:Captive portal|Captive portal]]) | ||
| − | | | + | | None |
| Negligible | | Negligible | ||
| All devices | | All devices | ||
Revision as of 18:05, 19 August 2012
Since the fall of 2008, there have been two wireless networks on campus. One network, called VT-Wireless, encrypts all traffic and is secured with EAP-TLS or PEAP-MSCHAPv2. The other network, VT_WLAN, is an unencrypted, captive portal wireless network. While connections to VT-Wireless are secure by default, and require no user authentication once set up, the EAP-TLS setup has a number of steps. In contrast, setup for VT_WLAN network is negligible, but you will be required to manually authenticate each time you connect (although this can be scripted), and your traffic will be readable to everyone.
Select a connection method
| Network | Authentication | Encryption | Setup | Support |
|---|---|---|---|---|
| VT-Wireless | Strong, two way (EAP-TLS) | Strong | Involved | Many devices (Laptops and Android devices) |
| VT-Wireless | Good (PEAP-MSCHAPv2) | Weak | Simple | Most devices |
| VT_WLAN | Weak (Captive portal) | None | Negligible | All devices |
The best option is EAP-TLS, which provides strong, two-way authentication to ensure that neither you or the authentication server can be impersonated. Unfortunately, setting up EAP-TLS can be somewhat involved because it requires a certificate to be installed on the device. If this is a problem, you should try PEAP-MSCHAPv2 as it still provides somewhat strong authentication and allows connection to the encrypted VT-Wireless network.
VT_WLAN is an unsecure captive portal wireless network. It requires no set up at all, but you must log in with your PID and password every time you connect. Since it is not secure, it is simple for any and all unencrypted traffic on the network to be sniffed by anyone within range and is also vulnerable to deauthentication attacks. Its use is strongly discouraged.
| Select a method for setup instructions | |
|---|---|
| EAP-TLS | PEAP-MSCHAPv2 |
