Wireless Tools to it in order to speak WPA and 802.1X to the
VT-Wireless network. Refer to the [http://www.gentoo.org/doc/en/handbook/handbook-x86.xml?part=4&chap=4#doc_chap2 Gentoo documentation] for a step-by-step guide to setting up WPA Supplicant.
=VT_WLAN=
VT_WLAN service is available in approximately 90% of academic and
administrative spaces across the Blacksburg campus. This wireless
network is composed of unencrypted IEEE 802.11g access nodes. To limit
access to faculty and staff, VT Communications Network Services uses a Cisco captive portal. They switched from Bluesocket during the summer of 2009. You have to register for [http://www.cns.vt.edu/html/wireless/wlan/registration.html Customer OnLine Access (COLA)] or in person at the Student Telecommunications Office to enable your account.
==Authentication==
The captive portal system will hijack the URL you first try to visit. Due to the nature of [[w:SSL|SSL]], https connections cannot be directed to the login page and will time out.
Type in your PID and password to be granted access.
==Logging in from the Command Line==
You can use CURL to log in from the command line or automate this (or any) web-based process. VTLUUG members previously provided scripts for the Bluesocket authentication, but due to the improvements that VT-Wireless brings, noone has bothered to write a new script for the Cisco captive portal.
==Some Technical Details==
The access points force SSL and are all signed by the Thawte Premium Server CA. The routers are named:
* bur-agw-2.cns.vt.edu
* bur-agw-3.cns.vt.edu
* cas-agw-?.cns.vt.edu
* hil-agw-?.cns.vt.edu
* isb-agw-?.cns.vt.edu
* owe-agw-1.cns.vt.edu
* sha-agw-1.cns.vt.edu
Some other details:
* Generally, in order to minimize congestion, connectivity is spread across multiple channels.
* No MAC-based authentication is performed.
* DHCP is independent of the captive portal authentication and occurs first.
* You can ping without logging in.
* All wireless networks (including the .1x networks) on campus now use [[rfc:1918|RFC-1918]] addresses from the 172.31.0.0/16 network. These are
translated with NAT into 198.82.x.x addresses for access outside the wireless network.
* All of the .1x wireless networks support IPv6. Some of the VT_WLAN networks support IPv6. [Is IPv6 now deployed everywhere?]
* You can access certain [all?] VT sites like [http://www.cns.vt.edu/ CNS] without having to authenticate.
=Network Information Sources=