| Table of Contents |
|---|
Testing your eduroam setup (especially when you are new) can be daunting. The developers of the wpa_supplicant software on Linux provide a handy tool called eapol_test that will test an EAP authentication flow like a client with a lot of debug information.
eapol_test is traditionally only available on Linux. Instructions to build it for Linux and for 64-bit Windows (Windows 7 and later) are below.
If you do not want to build eapol_test for Windows yourself, you can download a digitally signed copy at Github: https://github.com/janetuk/eapol_test
Linux
Build on Linux
Preparatory work
...
| Code Block | ||
|---|---|---|
| ||
sudo apt-get install libssl-dev |
NOTE: The following packages may also be required: libdbus-1-dev, libnl-3-dev, libnl-route-3-dev and libnl-genl-3-dev, as well as configuration changes in dbus/dbus_new.c (Ubuntu 20).
Building eapol_test
Download wpa_supplicant's source at https://w1.fi/releases/wpa_supplicant-2.9.tar.gz
Unpack the wpa_supplicant distribution, change into the wpa_supplicant/ subdirectory and create the default config file by executing
...
Download eapol_test.c.patch (for wpa_supplicant v2.9 or earlier) and eapol_test.config from https://github.com/janetuk/eapol_test
...
Download wpa_supplicant's source at https://w1.fi/releases/wpa_supplicant-2.9.tar.gz
Unpack the libtommath distribution. Note the directory you unpacked it to. You will need it when you build eapol_test.exe
...
| Code Block | ||
|---|---|---|
| ||
LTM_PATH=<directory where you built libtommath> |
(for wpa_supplicant v2.9 or earlier) Run the patching command to fix eapol_test.cc
| Code Block | ||
|---|---|---|
| ||
patch eapol_test.c <full path to eapol_test.c.patch> |
...
You should now have an eapol_test.exe around 6,707,168 bytes -7 MB in size.
Copy this to a Windows box. Run it without parameters in a command-line window (this is not a GUI application). It should display command-line parameters.
...
Building the sources
Download eapol_test.c and (for wpa_supplicant v2.9 or earlier only) and eapol_test.config from https://github.com/janetuk/eapol_test. For the purposes of these instructions, we shall use C:\Users\Administrator\Desktop.
...
Download wpa_supplicant's source at https://w1.fi/releases/wpa_supplicant-2.9.tar.gz
Unpack the libtommath distribution. Note the directory you unpacked it to. You will need it later. For the purposes of these instructions, we shall use C:\Users\Administrator\Desktop\libtommath-1.2.0
...
This should build successfully and leave you with a library in the directory.
Copy eapol_test.config and eapol_test.c to the wpa_supplicant subdirectory.
| Code Block | ||
|---|---|---|
| ||
cd C:\Users\Administrator\Desktop
copy eapol_test.config wpa-2.9\wpa_supplicant\.config
copy |
(for wpa_supplicant v2.9 or earlier only) Copy eapol_test.c
...
You to the wpa_supplicant subdirectory. You will likely be prompted to overwrite eapol_test.c. Confirm by answering 'Y'.
| Code Block | ||
|---|---|---|
| ||
cd C:\Users\Administrator\Desktop
copy eapol_test.c wpa-2.9\wpa_supplicant\eapol_test.c |
Change to the wpa_supplicant subdirectory.
...
You should now have an eapol_test.exe around 6,424,514 bytes -7 MB in size.
Run it without parameters in a command-line window (this is not a GUI application). It should display command-line parameters.
...
| Code Block | ||
|---|---|---|
| ||
network={
phase1="tls_disable_tlsv1_0=1 tls_disable_tlsv1_1=1 tls_disable_tlsv1_2=0 tls_disable_tlsv1_3=1 peapver=0"
key_mgmt=WPA-EAP
eap=PEAP
identity="<username@realm>"
anonymous_identity="@realm"
password="<userpassword>"
phase2="eapauth=MSCHAPV2 mschapv2_retry=0"
# ca_cert="<full path of the CA root certificate>"
# subject_match="<subject CN>"
# altsubject_match="<DNS: entry from subjectAltName>"
# domain_match="<subject CN>"
} |
To use server certificate validation, uncomment the ca_cert line.
...