PI2 wifi with WPA2 enterprise

I don’t have this one clear. So I may modify the post later, please pass by if it doesn’t work in your case.

The idea is to place on the doors a PI2, connected to a touchscreen,  with the official case, default raspbian, and so on, just to show a PHP booking calendar. Firs stone I found is how to connect the little guy with our WiFi, using WPA & WPA Enterprise.

Of course you can google what to do. But there are a lot of PI’s out there, therefore you have a lot of solutions. Recently, it was even announced the number of pi’s sold  reached ten million. But in principle it is nothing compared with the billion of iPhones or the one point four billions of android devices. So let’s say it’s still a device for freaks.

I connected the touchscreen to my pi2, enclosed it on my case, and power it on. First thing you need to deal with is the absence of a keyboard. Fine with that, since it will be basically a display. I plug my spare one and go ahead. I can open a terminal. The default user is pi@raspberrypi. I change the password by typing passwd. For comfortableness I go to sudo, by typing sudo su. I update it, by releasing an apt-get update, change its name, and reboot.

Then I try to connect to our wifi. Our wifi “guest” is connecting, no problem, but we need to have it in our intranet, to access to the internal calendar. So I try the wifi “intern”. Surprise! How to authenticate the user? The default network manager does not have so many options! Since I like the command line, I try first to modify the WPA supplicant configuration as described on the given link. That seems unfortunately NOT enough, and after a couple of reboots, I still don’t connect to “intern”. My wpa_supplicant.conf looks like this:

network {
         pairwise=CCMP TKIP
         group=CCMP TKIP
         eap =TLS

Another link about the subject is confirming the configuration. So why it doesn’t work?  Wait a minute. Isn’t a computer? So let’s try what I do with the computers! I get the standard network manager. As root, I install all the network tools I think I may need :

# type this if you want to update from jessie to pixel
apt-get dist-upgrade
# type this if you dont want to go to pixel
# apt-get update 
apt-get install network-manager

During the network manager installation, you get this important message:

The following network interfaces were found in /etc/network/interfaces
which means they are currently configured by ifupdown:
- eth0
- wlan0
- wlan1
If you want to manage those interfaces with NetworkManager instead
remove their configuration from /etc/network/interfaces.

Then we install the GUI by typing apt-get install network-manager-gnome

… and via cable, I ssh to the pi2 from my desktop. Fine for now on, but when I go root, I can’t open the display. The error reads:

su -
X11 connection rejected because of wrong authentication.

I did what suggested on stack exchange. But it was not enough.

The solution was to edit /etc/ssh/sshd_config like this

PermitRootLogin yes
systemctl restart ssh.service

Now I can open the nm-connection-editor and do as usual. In my case, I fill something with these parameters:

Section Wifi:
SSID: intern
Mode: Infrastructure
MTU: automatic

Section Wifi-Security
Security: WPA & WPA2 Enterprise
Authentication: Protected EAP (PEAP)
CA certificate: No CA certificate is required
PEAP version: Automatic
Inner authentication : MSCHAPv2
Username: "DOMAIN\username"
Password: ****

I think the rest of the parameters you can tune yourself. I check that the connection works, obviously, by unplugging the cable. Then I reboot. Unfortunately, even marking the option “connect to the network when available”, something is not allowing my pi2 to connect automatically. Solution? To manually activate the connection using the wicd widget.

apt-get install wicd

Then I need to be sure the screen stays up. To do so, I disable sleep screen. Next thing is to run firefox at startup, full screen.

More tuning as soon as I tune it up 🙂


About bitsanddragons

A traveller, an IT professional and a casual writer
This entry was posted in bits. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s