22 May 2007

My school claims Linux users can't get wireless

Update: 2008-11-18

I go to George Washington University. On the GWireless FAQ, you can see that it says Computer Running Windows 2000 (Service Pack 3), Windows XP (Service Pack 1) or Mac OS X (10.3 or later). Note: We do not support LINUX as an operating system, which is just plain messed up. They forgot FreeBSD, too (there, Samy! I mentioned your beloved OS, now stop trying to convert me!). In case anyone cares, they don't support that either. I don't think this is a case of the school being stupid. I showed this to a few of the "tech support" people, and they said the school probably can't put the info up because it'd P.O. Cisco. One of my teachers suggested I put it online. It's been up elsewhere for a while, but it's in need of a revision, so I'm posting an updated one here. If your college uses Cisco VPN stuff (hint: if it lets you connect but keeps redirecting to some page telling you to download stuff, that's it) and refuses Linux and BSD users too, here's what you need to know. This is for Ubuntu and should work on Debian. The basic stuff will work for other distros, but of course it won't be aptitude and I don't know how the packages will be named. Gentoo users, look here: kunxi.org.

First, you need the gateway, ID, and secret key. Download the Windows .exe thing they have the Win-kids use. Use the command line (yeah, I know, but I don't think you can do it through the GUI...not that I ever tried...) and go wherever you saved the .exe file.unzip windowsvpnthing.exeFind the .pcf file. Open it in a text editor. Copy the giant line of mess and paste it into this page. That's for the "secret" or "group password." The other stuff's in plain-text.

Now it splits a bit. There's a few different ways to do this, depending on what DE you use and how you want to do it. There's the command line way which will always work. There's the NM way which works on Feisty with GNOME (probably also with KDE, untested, let me know if it does), providing you are using Network Manager (if you're unlucky enough to have a card that doesn't play nice with it and therefore use something else like wifi radar, use one of the other ways). Then there's Kvpnc for the KDE users (or Dapper/Edgy GNOME users who don't mind a KDE app).

  • Command Line:
    1. Install VPNC: sudo aptitude install vpnc
    2. Run it: sudo vpnc-connect
    3. Enter all of the data as it asks
    4. Questions 4 & 5 are about your personal login stuff. Whatever username and password you'd put in on Windows or a Mac, you put in there (GW kids, this is your cmail username and password)
    5. You can also, as root, create a file called /etc/vpnc/default.conf and make it look like this:
      IPSec gateway x.x.x.x
      IPSec ID mynetwork
      IPSec secret PaSSw0rd01
      Xauth username user01 
      Xauth password password1
      And then when you run sudo vpnc it'll automatically fill in that information.
  • KDE or Dapper/Edgy GNOME users:
    1. Install Kvpnc: sudo aptitude install kvpnc
    2. Run it
    3. Use the wizard
    4. For type of VPN, choose Cisco
    5. Pick "import pcf file" (okay so you didn't have to do the decrypting thing), put in your username/password stuff (GW kids: same as cmail) and at the end point it to the .pcf file that you unzipped (feel free to delete the other junk)
  • Feisty users:
    1. Install the VPNC plugin for Network Manager: sudo aptitude install network-manager-vpnc
    2. Click on the Network Manager plugin
    3. Go down to VPN Connections and click "Configure VPN"
    4. Click "Add"
    5. Hit "Forward" until you get to Step 2
    6. For "Connection Name" put whatever you want. It's just for your reference.
    7. Gateway and Group Name are from that pcf file you looked at earlier.
    8. Click on the "Optional" tab and put your username in the first field ("Override user name") to avoid having to type it.
    9. Hit "Apply"
    10. When you connect, it should ask about the Group Password / Secret. Put it in. If it asks about saving it in the keyring, do it. It makes life easier.

Any problems, questions, or verification that the NM method works with KDE? Comments are below.


Lilandra said...

I don't think it's precisely the same thing, "your school doesn't support linux" and "your school says linux users can't get wireless".

When they say they don't support linux, they really mean they just won't give you any information directly to get your linux wireless working. They're not going to help you. They most they'll say is it might work! (If they're true idiots they'll say it'll never work!)

Now, I know you probably know this but...I just felt the need to point it out...

it's late, i'm rambling...

Jack said...

This seems like an absurd wireless system! It seems a bit unnecessary when must schools use a simple web-browswer login authentification. It seems like they almost went out of their way to make wireless difficult for linux users.

Nice site by the way.

Lilandra said...

things could be worse

my school really doesn't support linux in any sense of the word (okay, it might be in some of the networking labs machines).

staff computers can't get on the network unless they're running windows. and students can't use the wireless unless their laptop is running windows.

i haven't tried...you know installing linux and seeing what really blocks me (they might ban my assigned IP?)...cuz i am finally leaving!

Mackenzie said...

Lilandra, they actually DO say it's impossible to get wireless without Windows or Mac! I showed one of the tech support people, and his jaw dropped because he'd been told (and told so many people) that it simply couldn't be done.

Lilandra said...

I take it back! Idiots!!!

Don't you hate when there are idiots in tech support or such like? :-(

Mackenzie said...

Yes, I do hate that. I no longer ask the "Geek Squad" questions. I tried making it as simple as "Google this for me and tell me what it says" and they were STILL wrong!

V2Patil said...

hi i'm a GW student too, and I'm trying to get my new Windows Mobile 6 PDA to connect to gwireless.

do you know how I can do that? it seems there are tons of VPN clients for sale, but I'm not sure if I need those or if they'll even work.

if you be nice if there was a place within WM 6.0 where I can input the IP, group user name and password, and get it to work.

right now it will connect to the network with the wifi, but just gives the usual msg about not having the VPN installed when i open up IE.

thanks in advance for your help.

Mackenzie said...

I'm sorry, I don't know all that much about Windows, but I'll look around and see if I can find a free VPN client for WM6. You could also try asking Professor Robin. I know he has a PDA that he uses with the VPN.

V2Patil said...

thanks. i found one that has a free trial period.


so at least i'll be able to figure it out before putting down the cash for it.

thanks for your help.

Anonymous said...

There is a Cisco VPN Client for Linux, made by Cisco, but the people who own the VPN hardware (in your case, the GW IT department) are the only ones that can download it and then distribute it to you. There are other universities and a few corporations out there that do this (google "cisco vpn client linux" to see examples). The downsides are that it's command-line only, and doesn't always work with the latest kernel release (at least until they release a new version).

Unless it costs extra to distribute the Linux client (which I very much doubt), your IT department is not very bright.

Zach said...

hey thanks very much for this. I am a student at GW as well and just got an eee pc. i tried to connect using the command line method and it seemed like it connected. however, when i opened up firefox it takes me to the gwireless login screen. can anyone help? thanks again

Mackenzie said...

Ooooo EeePC? Cooool. Does vpnc show as running when you do "ps -e | grep vpnc"?

Zach said...

just got gwireless working on eeepc running eeexunbuntu using the command line method.

basavaraj M said...

hi i want to access the internet through the terminal (command mode). how to do that please help me out


Mackenzie said...

What part of the internet? If you mean the WWW, like to see websites, you can use lynx or Links or Links2. Lynx is text-only. Links2 can show pictures if you have framebuffer enabled and are in one of the tty's (the thing when you hit ctrl+alt+f1-f6). For IRC, you can use irssi. For IMing, finch.

Peter said...

The "official" Cisco VPN client for Linux is available...details and link in this tutorial: http://www.longren.org/2007/05/17/how-to-cisco-vpn-client-on-ubuntu-704-feisty-fawn/

I have been trying to get my daughter's Ubuntu 6.10 system up on the GW wireless system...this may be just what I needed (unfortunately, I just got back from a visit).

Thanks for posting these instructions...

Mackenzie said...

Any chance I know your daughter? Is she in the computer science department?

Peter said...

Any chance I know your daughter? Is she in the computer science department?

Art History grad student. But a happy Ubuntu user on her IBM T40 (mostly due to her Dad's frustration with WinXP)

Elizabeth said...

I just want to thank you for this post. My Dad(a Linux crazy EE who got me hooked) and I have been trying all year to get my computer to connect, and it finally worked thanks to your instructions. I'm actually in Marvin right now, posting using GWireless on my Ubuntu machine.

And my dad is Peter, who posted above....

Peter said...

My daughter just let me know that she's online, thanks to your instructions. It took a while to get her to try, but the first time she tried, "it just worked".

IBM T40/Ubuntu Hardy Heron

Well done!

Peter said...

Well, easy come, easy go. They're now apparently running "Host Checker", so connecting from Ubuntu with Firefox returns an error message, saying her computer "does not meet security requirements for connecting".

Connecting with IE via WINE gets her a bit farther, fails when trying to download and install "Host Checker", which seems to be some kind of client-side anti-virus software that needs to run before the connection is allowed.

Mackenzie -- have you found a workaround to this yet? Looks like GW is constantly trying to make sure only Windows machines can connect to their wireless network!


Mackenzie said...

I have no idea what you're talking about. As of Thursday, it was working fine. I haven't tried to use GWireless since then.

Anand said...

Hi. Just wanted to say thanks. I'm running Ubuntu netbook remix on my Dell mini 9.

At first, I didnt understand your instructions for unzipping an executable. However, since I realized the .pcf file was what mattered, I googled it and found GWU pcf config files for both wired and wireless connections here:


It's obviously very easy to support linux on campus. The GW Help Desk would simply need to provide the necessary info that we got from the pcf file. They dont necessarily have to help people configure the vpn client. But it seems odd that we have to go through these loops to find the configuration info

Anyway, thanks again!