Skip to content

Wired network access (LAN)

Access to the networks of the Faculty of Technology , CITEC and CoR-Lab is only possible after successful registration to the network.

We use the international standard IEEE-802.1x. If your client is not logged on to the network, you only have very limited access to internal services: You can only access the website of the computer operations group and the webmailer of the Faculty of Technology. All other access attempts will be blocked and you will be redirected to a notice page.

Configuration of the end devices

In order for a client to be able to log on to the network, in addition to access rights, software, a supplicant , is also required. Almost all current operating systems already include this in the standard installation, so it just needs to be configured.

Configuration

Authentication: EAP-TTLS (Tunneled TLS) oder PEAP
Anonymous (outer) Identity: anonymous (or leave field blank)
Certified CAs: Download
Inner authentication: PAP or MSCHAP(v2)
Username: Your TechFak username
Password: The password assigned for network access

Instructions

Under Gnome (Ubuntu, Fedora) the windows look slightly different, but the settings are identical.

First, download the Root certificate: citec-root-ca.crt. Alternatively, you can copy the file from another system. Save the file in a place where it can remain permanently, e.g. in ~/.cert/.

Alternatively, you can copy the file from another system. Save the file in a place where it can remain permanently

Netzwerkeinstellung

Select the wired network interface and click Edit.

Netzwerkeinstellung

Select the "802.1x Security" tab and adjust the settings according to the screenshot. Under “CA Certificate” you select the storage location of the previously downloaded CA root certificate. “DHCP” must be set under “IPv4 Settings”. The password is your net password.

Netzwerkeinstellung

If a network profile, e.g. for eduroam, is already installed on the system, no manual settings can be made for networks. You can either delete the network profile in the settings or you must install another profile. We offer a profile with our settings on WLAN.

First you have to install the CITEC root certificate. To do this, download the citec-root-ca.crt or copy the file from another system. Double-click the file in OS X Finder. The “Keychain Access” opens (see screenshot). Click “Always Trust.”

Netzwerkeinstellung

Open System Preferences. Then click on Network.

Netzwerkeinstellung Netzwerkeinstellung

Make sure that the wired network interface “Ethernet” is selected in the left pane. Under “Configure IPv4,” select “DHCP” (if not already preset). Then click on “Advanced...".

Netzwerkeinstellung

Click on the "802.1X" tab at the top and tick the "Enable automatic connection" box.

Netzwerkeinstellung

If the dialog shown here does not appear automatically, pull out the network cable and plug it back in. Select the "Show Certificate" button.

Netzwerkeinstellung

Make sure that the validity of the certificate has been recognized ("This certificate is valid"). If the certificate is valid, activate the “Always trust” selection. The server name shown in the screenshot may vary.

Netzwerkeinstellung

The next window appears and expects you to enter your login details. Enter your TechFak username and password for network access.

Netzwerkeinstellung

First you have to install the CITEC root certificate. To do this, download the citec-root-ca.crt or copy the file from another system. Right-click the file and select Install Certificate.

Netzwerkeinstellung

Select Local Machine as the certificate location.

Netzwerkeinstellung

Select the certificate store manually. To do this, select the option “Place all certificates in the following store” and then click on “Browse”. Select "Trusted Root Certification Authorities" and complete the wizard by accepting the suggested settings in the next steps.

Netzwerkeinstellung Netzwerkeinstellung

Open the Windows start screen, enter "services.msc" in the search field and press the Return or Enter key.

Netzwerkeinstellung

Find the “Wired AutoConfig” service and configure it by clicking Properties in the context menu (use the right mouse button).

Netzwerkeinstellung

Select "Automatic" from the drop-down menu, then click "Start."

Netzwerkeinstellung

Open Control Panel and click Network and Internet

Netzwerkeinstellung Netzwerkeinstellung

Click "Network and Sharing Center."

Netzwerkeinstellung

Click on "Ethernet".

Netzwerkeinstellung

Open the properties of the LAN connection using the "Properties" button. In the connection properties window, select the “Authentication” tab and click “Settings”.

Netzwerkeinstellung Netzwerkeinstellung

Make sure only "CIT-EC CA" is selected and click the "Configure..." button. Deactivate the checkbox so that Windows does not use your login data to log into the network. To log in to the network, you must use your TechFak username and the net password!

Netzwerkeinstellung Netzwerkeinstellung

Close both windows and return to the LAN connection properties. From there, click on the “Additional Settings” button. Select the "Specify authentication mode" option and the "User authentication" value from the drop-down list.

Netzwerkeinstellung Netzwerkeinstellung

A window is opening. Enter your login details now. Enter your TechFak username and password for network access.

Netzwerkeinstellung