-
-
Save Matheus-Garbelini/2cd780aed2eddbe17eb4adb5eca42bd6 to your computer and use it in GitHub Desktop.
| #include <ESP8266WiFi.h> | |
| extern "C" { | |
| #include "user_interface.h" | |
| #include "wpa2_enterprise.h" | |
| #include "c_types.h" | |
| } | |
| // SSID to connect to | |
| char ssid[] = "TEST_KRA"; | |
| char username[] = "matheus_garbelini"; | |
| char identity[] = "matheus_garbelini"; | |
| char password[] = "testtest"; | |
| uint8_t target_esp_mac[6] = {0x24, 0x0a, 0xc4, 0x9a, 0x58, 0x28}; | |
| void setup() { | |
| WiFi.mode(WIFI_STA); | |
| Serial.begin(115200); | |
| delay(1000); | |
| Serial.setDebugOutput(true); | |
| Serial.printf("SDK version: %s\n", system_get_sdk_version()); | |
| Serial.printf("Free Heap: %4d\n",ESP.getFreeHeap()); | |
| // Setting ESP into STATION mode only (no AP mode or dual mode) | |
| wifi_set_opmode(STATION_MODE); | |
| struct station_config wifi_config; | |
| memset(&wifi_config, 0, sizeof(wifi_config)); | |
| strcpy((char*)wifi_config.ssid, ssid); | |
| strcpy((char*)wifi_config.password, password); | |
| wifi_station_set_config(&wifi_config); | |
| wifi_set_macaddr(STATION_IF,target_esp_mac); | |
| wifi_station_set_wpa2_enterprise_auth(1); | |
| // Clean up to be sure no old data is still inside | |
| wifi_station_clear_cert_key(); | |
| wifi_station_clear_enterprise_ca_cert(); | |
| wifi_station_clear_enterprise_identity(); | |
| wifi_station_clear_enterprise_username(); | |
| wifi_station_clear_enterprise_password(); | |
| wifi_station_clear_enterprise_new_password(); | |
| wifi_station_set_enterprise_identity((uint8*)identity, strlen(identity)); | |
| wifi_station_set_enterprise_username((uint8*)username, strlen(username)); | |
| wifi_station_set_enterprise_password((uint8*)password, strlen((char*)password)); | |
| wifi_station_connect(); | |
| while (WiFi.status() != WL_CONNECTED) { | |
| delay(1000); | |
| Serial.print("."); | |
| } | |
| Serial.println("WiFi connected"); | |
| Serial.println("IP address: "); | |
| Serial.println(WiFi.localIP()); | |
| } | |
| void loop() { | |
| } |
@Matheus-Garbelini Is it possible to manually configure the IP address in your code instead of using DHCP addressing?
I currently have our IT department reserving the IP address for my NodeMCU by using its device name, which works but I'd prefer to be able to configure the IP on my end.
hi @ziogianni, you may need to confirm this, but check your EAP server logs, ESP32 may be using eap-tls version 1.0, which is can be rejected by EAP servers such as FreeRadius. In this case, I've had success by changing a TLS config as exemplified here: https://github.com/Matheus-Garbelini/esp32_esp8266_attacks#attention
This may be different depending on what EAP server you are using. I've no idea if this is possible on Windows EAP server for example.
Hi @Matheus-Garbelini, I gave a check to the freeradius configuration files and as I supposed there was a section related to the TLS settings.
The two variables I found tls_min_version and tls_max_version in the eap.cnf file are respectively set to 1.0 and 1.3.
So TLS 1.0 should be already supported by the server I'm using.
Hello @ziogianni I was having a similar issue while using a NodeMCU. The board would try to connect then reboot, it would occasionally obtain an IP but would only stay connected to the network for about 8 seconds before rebooting again.
The thing that seemed to fix the problem for me was to go to the Tools tab in the Arduino IDE and after selecting the proper ESP board there should be an Erase Flash: drop down option towards the bottom. Try changing the default setting of "Only Sketch" to "All Flash Contents" I hope this helps.
@V-R-E Unfortunately it didn't work for me, it restarts and keeps saying Connection Status: 4
So it is possible to use WPA2 Enterprise with an esp8266?
Just a heads up everyone, if identity is not set, it will not be empty, it is acutually set to anonymous@espressif.com.
Here's my version of the above with websocket, works with peap mschapv2 at my uni:
https://gist.github.com/venetanji/d71dc271ebf51236ec6ce99aa48eee26
Hi, I'm getting this message from the Serial Monitor constantly. I am using a NodeMCU v1.0 board. I already set Erase Flash option to All flash contents but did not work.
Any comments on how to solve it?
,,,,,,,,,,pm open,type:2 0
14:40:29.211 -> ,,,,,,,,,,,,,,,,,,,,state: 5 -> 0 (2)
14:40:48.703 -> rm 0
14:40:48.703 -> pm close 7
14:40:48.703 -> reconnect
14:40:48.805 -> scandone
14:40:48.805 -> state: 0 -> 2 (b0)
14:40:48.805 -> state: 2 -> 3 (0)
14:40:48.805 -> state: 3 -> 5 (10)
14:40:48.805 -> add 0
14:40:48.805 -> aid 1
14:40:48.805 -> cnt
14:40:49.204 -> ,,,,,,,,,,pm open,type:2 0
14:40:59.208 -> ,,,,,,,,
Hi, thanks for yout reply.
The certs are in the following format :
char ssid[] = "CNIOPROF";
char username[] = "";
char identity[] = "";
char password[] = "xxxx";
That should be hex, right?
Regarding the TLS, I am using a nodemcu board whose TLS version is 1.2. How can I chech which versions are supported by the server?
After all what I do is basically uploading that code to the nodemcu.
I am quite new to this Arduino environment. Thanks for your patience.
I meet the same problem when use the code above. Using arduino IDE.
hardware: ESP-12F ESP8266MOD
using NodeMCU 1.0(ESP-12E)_ and erase all flash content
after it connect the wifi , it just keep about 8 second and then restart. Why this happened and if there is a valid method to solve this?
Thanks a lot! I had so much troubles working with esp8266 in the University. Now the problem is solved
`#include <ESP8266WiFi.h>
extern "C" {
#include "user_interface.h"
#include "wpa2_enterprise.h"
#include "c_types.h"
}
// SSID to connect to
char ssid[] = "eduroam";
char username[] = "101227402";
char identity[] = "101227402";
char password[] = "passwprd";
uint8_t target_esp_mac[6] = {0x24, 0x0a, 0xc4, 0x9a, 0x58, 0x28};
void setup() {
WiFi.mode(WIFI_STA);
Serial.begin(115200);
delay(1000);
Serial.setDebugOutput(true);
Serial.printf("SDK version: %s\n", system_get_sdk_version());
Serial.printf("Free Heap: %4d\n",ESP.getFreeHeap());
// Setting ESP into STATION mode only (no AP mode or dual mode)
wifi_set_opmode(STATION_MODE);
struct station_config wifi_config;
memset(&wifi_config, 0, sizeof(wifi_config));
strcpy((char*)wifi_config.ssid, ssid);
strcpy((char*)wifi_config.password, password);
wifi_station_set_config(&wifi_config);
wifi_set_macaddr(STATION_IF,target_esp_mac);
wifi_station_set_wpa2_enterprise_auth(1);
// Clean up to be sure no old data is still inside
wifi_station_clear_cert_key();
wifi_station_clear_enterprise_ca_cert();
wifi_station_clear_enterprise_identity();
wifi_station_clear_enterprise_username();
wifi_station_clear_enterprise_password();
wifi_station_clear_enterprise_new_password();
wifi_station_set_enterprise_identity((uint8*)identity, strlen(identity));
wifi_station_set_enterprise_username((uint8*)username, strlen(username));
wifi_station_set_enterprise_password((uint8*)password, strlen((char*)password));
wifi_station_clear_enterprise_cert_key();
wifi_station_connect();
while (WiFi.status() != WL_CONNECTED) {
delay(1000);
Serial.print(".");
}
Serial.println("WiFi connected");
Serial.println("IP address: ");
Serial.println(WiFi.localIP());
}
void loop() {
}`
####################################################
I am trying to connect to eduroam in my university,
It uses MSCHAPV2 as the Phase 2 Authentication,
And do not Validate the Ca Certificate
I keep getting the error below and it loops forever,
.reconnect
...scandone
state: 0 -> 2 (b0)
state: 2 -> 3 (0)
state: 3 -> 0 (12)
.reconnect
...scandone
state: 0 -> 2 (b0)
If anyone can please guide me or link me to any post to solve this issue, I really do appreciate it very much.
@Teakzieas did you try my version? works ok on my uni's eduroam:
https://gist.github.com/venetanji/d71dc271ebf51236ec6ce99aa48eee26
One difference with your code is I don't set the password with:
strcpy((char*)wifi_config.password, password);
Try commenting that line as it is for regular wpa. The wpa2 enterprise password is actually set with this line below:
wifi_station_set_enterprise_password((uint8*)password, strlen((char*)password));
#include <ESP8266WiFi.h>
// include wpa2 enterprise code
extern "C" {
#include "user_interface.h"
#include "wpa2_enterprise.h"
}
// SSID, Username and password. Update with yours!
static const char* ssid = "eduroam";
static const char* username = "101227402"; //
static const char* password = "password";
void setup() {
Serial.begin(115200);
delay(1000);
Serial.setDebugOutput(true);
// Setting ESP into STATION mode only (no AP mode or dual mode)
wifi_set_opmode(STATION_MODE);
struct station_config wifi_config;
memset(&wifi_config, 0, sizeof(wifi_config));
strcpy((char*)wifi_config.ssid, ssid);
wifi_station_set_config(&wifi_config);
// Clean up to be sure no old data is still inside
wifi_station_clear_cert_key();
wifi_station_clear_enterprise_ca_cert();
wifi_station_set_wpa2_enterprise_auth(1);
wifi_station_set_enterprise_username((uint8*)username, strlen(username));
wifi_station_set_enterprise_identity((uint8*)username, strlen(username));
wifi_station_set_enterprise_password((uint8*)password, strlen(password));
wifi_station_connect();
while (WiFi.status() != WL_CONNECTED) {
delay(1000);
Serial.print(".");
}
Serial.println("WiFi connected");
Serial.println("IP address: ");
Serial.println(WiFi.localIP());
}
void loop() {
}
##############################################
i did try your code but i endup in the same place
.reconnect
...scandone
state: 0 -> 2 (b0)
state: 2 -> 3 (0)
state: 3 -> 0 (12)
.reconnect
Could it be the Version of Nodemcu I am using(NodemcuV2)
Hey, thanks for the examples, your code works like a charm when I connect one ESP8266 "Amica" NodeMCU to university eduroam. I am sending IOT data to thingspeak.
Weird issue, whenever I connect a second NodeMCU with the same code (sending to a different thingspeak channel), the first one stops sending data. Might there be an issue with conflicting IP addresses?
Hey, thanks for the examples, your code works like a charm when I connect one ESP8266 "Amica" NodeMCU to university eduroam. I am sending IOT data to thingspeak. Weird issue, whenever I connect a second NodeMCU with the same code (sending to a different thingspeak channel), the first one stops sending data. Might there be an issue with conflicting IP addresses?
It's that part where the MAC is assigned. You've assigned the same MAC to different devices. When one is trying to connect, the other one is kicked from the network. So just change the MAC on one of the devices
hi @ziogianni, you may need to confirm this, but check your EAP server logs, ESP32 may be using eap-tls version 1.0, which is can be rejected by EAP servers such as FreeRadius. In this case, I've had success by changing a TLS config as exemplified here: https://github.com/Matheus-Garbelini/esp32_esp8266_attacks#attention
This may be different depending on what EAP server you are using. I've no idea if this is possible on Windows EAP server for example.