For NYU Students: How to connect to NYURoam wireless on Ubuntu (or any Linux with NetworkManager)

update: This Ubuntu Forums thread has details on how to get a certificate authority file. I added it to this howto. I also added instructions for Intrepid


I made the crazy decision to go to NYU. They have wireless. Their website has instructions for connecting to it with Windows XP, Vista and MacOSX. None for any Linux distributions though. You can glean the Linux instructions from looking at those instructions though. Here's how I do it in NetworkManager. Of course, don't blame me if a bowl of oatmeal falls on your laptop when you attempt this.

• Go to https://getca.verisign.com/. Download the certificate from there
• It should be a file named getrootcert.cer Run this command on it to change it to a pem file: openssl x509 -in getrootcert.cer -inform d -out verisign.pem
• An alternative to the previous two steps is to just use the intended certificate that the original NYU instructions refer to. The previous two steps are in lieu of that, but thanks to A cool dude the proper location for the certificate is /etc/ssl/certs/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.pem . There are multiple files with similar names in that folder. If this one doesn't work try one of the others
  
• Click on NetworkManager in the system tray in the corner
  
• Choose Connect to Other Wireless Network...
• In the Network Name choose 'nyu' without the single quotes
• In the Wireless Security choose WPA2 Enterprise
• Leave EAP Method and Key Type as their defaults which are PEAP and Automatic respectively
• In Phase2 Type choose MSCHAPV2
  
• In Identity type in your NYU NetID and in Password type in the NetID password
• In CA Certificate file choose the verisign.pem, wherever it was saved. OR choose one of the aforementioned /etc/ssl/certs/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G*.pem files
  
• Leave the remaining options as defaults

If it was with Intrepid, the dialog box is slightly different. Also unlike the previous version of this howto for hardy, this won't work unless you have the versign.pem file. after you've gotten your verisign.pem file

• When you right-click on NetworkManager click on 'Connect to Hidden Wireless Network...' instead of 'Other Wireless Network' like in Hardy
• Type in 'nyu' for the Network Name
• choose WPA & WPA2 Enterprise for the Wireless Security
• Protected EAP (PEAP) for the Authentication
• For CA Certificate choose the verisign.pem that you saved OR choose /etc/ssl/certs/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.pem
• PEAP Version is Version 0
• Inner Authentication is MSCHAPV2
• Username is your NetID
• Password is your NetID's password
  

It should connect. I've noticed some problems with my instructions of course. I usually have to type in this info every time. I think it may be because we're not specifying a certificate which the typical instructions state that you should do. Also if I restart or come out of hibernate, I will connect, it will fail and then I'd have to connect again and it would work. On rare occasions it will ask for LEAP password. Then I'd cancel it and try again and it would work.