User Tools

Site Tools


hotspot

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
hotspot [2019/07/08 20:31]
James Prestwood
hotspot [2019/07/08 20:59] (current)
James Prestwood
Line 8: Line 8:
  
 First, find the page which allows you to download the profile. This is going to be different for each network provider, but for example this is XFinity'​s:​ First, find the page which allows you to download the profile. This is going to be different for each network provider, but for example this is XFinity'​s:​
 +
 +(Turns out that this profile does not actually configure a hotspot network, but rather a standard WPA2-Enterprise network. The procedure will still be the same as far as the iOS profile is concerned)
  
 http://​wifi.xfinity.com//​connect-devices.php http://​wifi.xfinity.com//​connect-devices.php
Line 31: Line 33:
  
 ==== Writing the IWD provisioning file ==== ==== Writing the IWD provisioning file ====
-Inside the original iOS security profile there is some XML mixed throughout the binary data. There is probably a clean way of extracting this, but there are very few XML nodes we actually care about so manual inspection is easy enough. The node we care about is "​EAPClientConfiguration"​. The "​AcceptEAPTypes"​ provide the EAP method number used for this network. This will likely be "​21",​ which corresponds to TTLS. You can map the integer values to names inside src/​eap-private.h+Inside the original iOS security profile there is some XML mixed throughout the binary data. There is probably a clean way of extracting this, but there are very few XML nodes we actually care about so manual inspection is easy enough. The node we care about is "​EAPClientConfiguration"​. The "​AcceptEAPTypes"​ provide the EAP method number used for this network. This will likely be "​21",​ which corresponds to TTLS. You can map the integer values to names inside src/​eap-private.h. For now we will assume TTLS as the EAP method. 
 + 
 +There may or may not be a key for "​OuterIdentity"​. Take note of this. 
 + 
 +There also should be a key for "​NAIRealmNames"​. Take note of these. 
 + 
 +Last, there should be a key for "​TTLSInnerAuthentication"​. Take note of this. 
 + 
 +This should be all you need. You can now start writing the IWD provisioning file. It should look something like this, where <> values are used from above: 
 + 
 +    [Security] 
 +    EAP-Method=TTLS 
 +    EAP-Identity=<​OuterIdentity>​ 
 +    EAP-TTLS-Phase2-Method=Tunneled-<​TTLSInnerAuthentication>​ 
 +     
 +    [Hotspot] 
 +    NAIRealmNames=<​NAIRealmNames>​ 
 +     
 +After filling in the values, your provisioning file will look something like this: 
 + 
 +    [Security] 
 +    EAP-Method=TTLS 
 +    EAP-Identity=anonymous@rr.com 
 +    EAP-TTLS-Phase2-Method=Tunneled-MSCHAPV2 
 +     
 +    [Hotspot] 
 +    NAIRealmNames=spectrum.com,​rr.com 
 + 
 +Save this file (naming or extension does not currently matter) into /​var/​lib/​iwd/​.hotspot and IWD will now allow connections to this network.
hotspot.1562617916.txt.gz · Last modified: 2019/07/08 20:31 by James Prestwood