Can't connect to WPA2 Enterprise with PEAP

I originally posted this to someone with an older problem.
It was suggested that if I wanted someone to look at it, I should start a new thread: ok, i can do that.

I am using nm-connections-editor [gui interface for connections]
I also have nmtui [network text user interface]
the wireless “connections” are in /etc/NetworkManager/systems-connections.
and yes, you can creat some and edit them with the tools mentioned above.
you can find that stuff on :
https://software.opensuse.org/packag…nection-editor
https://software.opensuse.org/package/NetworkManger-tui

that’s the good news [if there is some…]

The connections are files, so you can vim and vi them and you can use the nmcli to start them.
Also the nm-conections-editor above is kind of a “macro editor” and creates the required syntax in detailed instructions in the connection files [if you will].

The problem that I have is that, though I have better access to viewing and changing these files via the commands above, I still cannot get a WPA or WPA2 leap [MSchapv2] session working with the free radius setup I have.

I am running the Network Manager on tumbleweed [Suse]. I can see all of the networks in the East Stroudsburg University environment.
I built one for the Computer Science department off of a cisco 1282 Access point supported by free radiusd.
I can confirm that the access point works, my macbook has access via a profile I setup on it.

The access point is setup with WPA, and 802.1x peap / MSchapv2.

“Dark-net1” which is basically a network profile, and listed below.

I will admit to a vim on this file, this was originally created by the nm-connections-editor. That editor[nm-conncetion-edittor] only allows 802.1x to have wep, so I inserted what i found on a configuration of wpa for security, and there is probably some syntax error. Be that as it may, I have played with this for more than a week. If someone can give me an idea of what should work, I would appreciate it.
[help here Suse guys, I need it…]

all that said… I can cat the file :


nightstorm:/etc/NetworkManager/system-connections # cat dark-net2  
[connection]  
id=dark-net1  
uuid=574e6d32-e6fc-403f-88bb-b104d093acb2  
type=wifi  
interface-name=wlp3s0  
permissions=  

[wifi]
mac-address=00:24:D7:27:5D:30
mac-address-blacklist=
mode=infrastructure
ssid=dark-net1

[wifi-security]
key-mgmt=wpa-eap
psk=LALALAND5432

[802-1x]
eap=peap;
identity=[my name]
password=[my password]
phase2-auth=mschapv2

[ipv4]
dns-search=
method=auto

[ipv6]
addr-gen-mode=stable-privacy
dns-search=
ip6-privacy=0
method=auto
nightstorm:/etc/NetworkManager/system-connections # 
#####

I should mention I am tumbleweed os-release: version= 20170406
and I have 3 other ESU lans working on this machine, so I can say the Network Manager appears to work, we just have to straighten out some details with peap and mschapv2… any suggestions? I have a few more things I am trying, but nothing has worked so far.

the mac os x profile is below if that helps. [sierra os x]



moonshadow:~ [id]$ cat dark5.mobileconfig 
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>PayloadContent</key>
    <array>
        <dict>
            <key>EAPClientConfiguration</key>
            <dict>
                <key>AcceptEAPTypes</key>
                <array>
                    <integer>25</integer>
                </array>
                <key>UserName</key>
                <string>Userpassword</string>
                <key>UserPassword</key>
                <string>passwordImadeup</string>
                <key>OuterIdentity</key>
                <string>idmadeup</string>
                <key>TLSTrustedServerNames</key>
                <array>
                    <string>nightgate.dark.net</string>
                </array>
            </dict>
            <key>EncryptionType</key>
            <string>WPA2</string>
            <key>Password</key>
                        <string>LALALAND12345</string>
            <key>PayloadDisplayName</key>
            <string>cpsc2</string>
            <key>PayloadIdentifier</key>
            <string>Dot1xProfile.E2B1B2A1-1135-40C7-AD04-11FE6E9E3E8F.com.apple.wifi.managed.E03E0460-3F2C-441A-84CB-39939F9282D1</string>
            <key>PayloadType</key>
            <string>com.apple.wifi.managed</string>
            <key>PayloadUUID</key>
            <string>E03E0460-3F2C-441A-84CB-39939F9282D1</string>
            <key>PayloadVersion</key>
            <real>1</real>
            <key>IsHotspot</key>
            <false/>
            <key>ProxyType</key>
            <string>None</string>
            <key>SSID_STR</key>
            <string>dark-net1</string>
            <key>HIDDEN_NETWORK</key>
            <false/>
            <key>AutoJoin</key>
            <false/>
        </dict>
    </array>
    <key>PayloadDisplayName</key>
    <string>dark2</string>
    <key>PayloadIdentifier</key>
    <string>Dot1xProfile.E2B1B2A1-1135-40C7-AD04-11FE6E9E3E8F</string>
    <key>PayloadOrganization</key>
    <string>academic_computing</string>
    <key>PayloadRemovalDisallowed</key>
    <false/>
    <key>PayloadScope</key>
    <string>User</string>
    <key>PayloadType</key>
    <string>Configuration</string>
    <key>PayloadUUID</key>
    <string>1FEC8C1E-B8DA-4558-A8AA-</string>
    <key>PayloadVersion</key>
    <integer>1</integer>
</dict>
</plist>
moonshadow:~ [id]$ 

Thanks to [FONT=Verdana]Henk van Velden

tob[/FONT]

this seems so simple, why is it so hard?

I need to declare that I am making a 802.1x connection.
I need to send the wpa encryption key.
then I should be prompted for the user id and password.
I sent that, it gets to the radiusd server, and I get a dhcp address.

do I have to tell it I have a fake wep key instead of a wpa key?

this boarders on stupid [probably me].

for the windows machines I have to force a router and dns, since windows 10 doesn’t work real well either, then I can get them to work… or should I be using the WPA2 enterprise option…
this is so confusing …

tob