Fail to connect to Eduroam (WPA2 Ent)

Not sure if I should start my own thread or jump on similar topics, but I also struggle to connect to Eduroam after some config updates of late from my IT dep, similar to Cannot connect to eduroam

My dmesg looks similar, but I get instead the error

[ 8664.249192] wlp61s0: deauthenticated from xx:xx:xx:xx:xx:xx (Reason: 23=IEEE8021X_FAILED)

On other devices, e.g. my Android phone, I get a certificate to “accept” when I configure Eduroam the first time. Android 13 has this (new?) feature “Trust on First Use” which seems to work fine. My colleagues on OSX are asked to accept the certificate in a popup on first connection.

When I try to configure on Manjaro I get no such question about accepting a certificate, nor do I see any option to “blindly trust” certificates.

My issue could be unrelated to certificate I suppose, but gut feeling says this might be an issue.

Maybe you can find your institution here and check the configuration?

What exactly did your IT department change in the config options? Ask them to tell you who signed the certificate and for which domain.
Blindly trusting a certificate is never a good idea.

The usual problem with Eduroam is that Linux won’t by default downgrade authentication sessions to older and lower security protocols (SSL 3, TLS < 1.2). And apparently many Eduroam institutions have ancient radius servers that require those protocols…

This solution usually works - NetworkManager - ArchWiki

Thanks both for input, sorry if I didn’t provide sufficient info for others to understand the issue.

I have asked my IT to add our institution to, so far they told me it was too much hazzle. So that I unfortunately cannot use.

It is very possible what you suggest MrLavender about older radius servers in use. Your solution worked beautifully and now I can connect :smiley:

nmcli connection modify eduroam 802-1x.phase1-auth-flags 32

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.