This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
networkconfigurationsettings [2020/10/21 16:26] Andrew Zaborowski [File naming and syntax] |
networkconfigurationsettings [2020/11/19 06:33] Andrew Zaborowski [802.1x (WPA/WPA2 Enterprise) settings] Readd formatting |
||
---|---|---|---|
Line 10: | Line 10: | ||
^ Setting Key ^ Values ^ Description ^ | ^ Setting Key ^ Values ^ Description ^ | ||
| Group header: **''[Settings]''** ||| | | Group header: **''[Settings]''** ||| | ||
- | | ''Autoconnect'' | **''true''**, ''false'' | (optional) | | + | | ''AutoConnect'' | **''true''**, ''false'' | (optional) | |
+ | | ''Autoconnect'' | **''true''**, ''false'' | (deprecated in favour or ''AutoConnect'') (optional) | | ||
| ''Hidden'' | ''true'', **''false''** | Used for //hidden// networks i.e. those that do not reply to scan probing except when their SSIDs are included explicitly (optional) | | | ''Hidden'' | ''true'', **''false''** | Used for //hidden// networks i.e. those that do not reply to scan probing except when their SSIDs are included explicitly (optional) | | ||
| ''AlwaysRandomizeAddress'' | ''true'', **''false''** | Always randomize MAC address on each new connection. Requires ''AddressRandomization=network'' in main.conf (optional) | | | ''AlwaysRandomizeAddress'' | ''true'', **''false''** | Always randomize MAC address on each new connection. Requires ''AddressRandomization=network'' in main.conf (optional) | | ||
| ''AddressOverride'' | ''MAC Address'' | Override the MAC address used for this network. Requires ''AddressRandomization=network'' in main.conf (optional) | | | ''AddressOverride'' | ''MAC Address'' | Override the MAC address used for this network. Requires ''AddressRandomization=network'' in main.conf (optional) | | ||
- | ===== Pre-Shared Key (WPA/WPA2 Personal) network settings ===== | + | ===== Pre-Shared Key (WPA/WPA2 Personal/SAE) network settings ===== |
^ Setting Key ^ Values ^ Description ^ | ^ Setting Key ^ Values ^ Description ^ | ||
| Group header: **''[Security]''** ||| | | Group header: **''[Security]''** ||| | ||
Line 27: | Line 28: | ||
^ Setting Key ^ Values ^ Description ^ | ^ Setting Key ^ Values ^ Description ^ | ||
| Group header: **''[Security]''** ||| | | Group header: **''[Security]''** ||| | ||
- | | ''EAP-Method'' | ''AKA'', ''%%AKA'%%'', ''GTC'', ''MD5'', ''MSCHAPV2'', ''PEAP'', ''PWD'', ''SIM'', ''TLS'', ''TTLS'', ''WSC'' (internal) | No default | | + | | ''EAP-Method'' | ''AKA'', ''%%AKA'%%'', ''GTC'' (internal), ''MD5'' (internal), ''MSCHAPV2'', ''PEAP'', ''PWD'', ''SIM'', ''TLS'', ''TTLS'', ''WSC'' (internal) | No default | |
| Applies to: **EAP-SIM**, **EAP-AKA**, **EAP-AKA'** ||| | | Applies to: **EAP-SIM**, **EAP-AKA**, **EAP-AKA'** ||| | ||
| ''EAP-Identity'' | //text// | EAP identity string transmitted in plaintext, if any (optional) | | | ''EAP-Identity'' | //text// | EAP identity string transmitted in plaintext, if any (optional) | | ||
- | | Applies to: **EAP-GTC** ||| | + | | Applies to: **EAP-GTC** (Only EAD or TTLS/PEAP inner method) ||| |
| ''EAP-Identity'' | //text// | EAP identity/username string transmitted in plaintext. No default, if not provided IWD will request a username at connection time | | | ''EAP-Identity'' | //text// | EAP identity/username string transmitted in plaintext. No default, if not provided IWD will request a username at connection time | | ||
| ''EAP-Password'' | //text// | EAP GTC secret string. No default, if not provided IWD will request a passphrase at connection time | | | ''EAP-Password'' | //text// | EAP GTC secret string. No default, if not provided IWD will request a passphrase at connection time | | ||
| ''EAP-GTC-Secret'' | //text// | (deprecated in favour of ''EAP-Password'') | | | ''EAP-GTC-Secret'' | //text// | (deprecated in favour of ''EAP-Password'') | | ||
- | | Applies to: **EAP-MD5** ||| | + | | Applies to: **EAP-MD5** (Only EAD or TTLS/PEAP inner method) ||| |
| ''EAP-Identity'' | //text// | EAP identity/username string transmitted in plaintext. No default, if not provided IWD will request a username at connection time | | | ''EAP-Identity'' | //text// | EAP identity/username string transmitted in plaintext. No default, if not provided IWD will request a username at connection time | | ||
| ''EAP-Password'' | //text// | EAP MD5 secret string. No default, if not provided IWD will request a passphrase at connection time | | | ''EAP-Password'' | //text// | EAP MD5 secret string. No default, if not provided IWD will request a passphrase at connection time | | ||
Line 64: | Line 65: | ||
An embedded PEM can appear anywhere in the settings file using the following format (in this example the PEM is named ''my_ca_cert''): | An embedded PEM can appear anywhere in the settings file using the following format (in this example the PEM is named ''my_ca_cert''): | ||
- | <code> | + | <code ini> |
[@pem@my_ca_cert] | [@pem@my_ca_cert] | ||
----- BEGIN CERTIFICATE ----- | ----- BEGIN CERTIFICATE ----- | ||
Line 73: | Line 74: | ||
After this special group tag it's as simple as pasting in a PEM file including the ''BEGIN''/''END'' tags. Now ''my_ca_cert'' can be used to reference the certificate elsewhere in the settings file by prefixing the value with ''embed:'' | After this special group tag it's as simple as pasting in a PEM file including the ''BEGIN''/''END'' tags. Now ''my_ca_cert'' can be used to reference the certificate elsewhere in the settings file by prefixing the value with ''embed:'' | ||
- | <code> | + | <code ini> |
EAP-TLS-CACert=embed:my_ca_cert | EAP-TLS-CACert=embed:my_ca_cert | ||
</code> | </code> |