IllinoisNet Wireless – SymbianS60

Contents

1 Setup a destination for Illinois Net
2 Set up the Illinois Net Connection
3 Configure applications to use your destination.
4 New Certificate Authority as of August 2011

I got my Nokia E72 running Symbian OS 9.3 with S60 UI logged onto IllinoisNet, so I thought I’d share.

This should work for any of the Symbian 9.# devices, but it is my understanding that the touch interface (for touchscreen phones) is quite different.

Note: Everything here is from fiddling and experimenting and reading CITES setup for other devices. This is by no means the “best” or “most secure” way to get wifi on your device. This is just a way that I get wifi, some of these settings may be unnecessary.

Setup a destination for Illinois Net

(Menu => Ctrl. Panel => Connectivity => Conn.Mgr.=> AvailableWLAN networks => Illinoisnet. Choose Options => Define Access Point Now Select a Destination).
Destinations allow the user to create numbers of different profiles to have highly granular control over when the device interfaces with different networks. It’s a bit of a cumbersome feature, but extremely useful.
I choose “Internet” as my destination, as this is the default for all of the programs I want to run off of wifi. You may want to choose something different.

Set up the Illinois Net Connection

(Return to the home screen => Menu => ctrl. panel=>settings=>connection=>destination=> (your destination… in my case it is “internet”)=>IllinoisNet and select “options”=>edit
Fill in the following information:
Connection Name: IllinoisNet
Data Bearer: Wireless LAN
WLAN network: Name IllinoisNet
Network Status: Public
WLAN network mode: Infrastructure
WLAN security mode: WPA/WPA2
Use Access point: Automatically (unless you are worried about battery)
Select “Wireless LAN Security Settings”
Fill in the following information
WPA/WPA2: EAP
WPA2 only mode: on
Select EAP plug-in settings
De-select all options except EAP-PEAP, so taht EAP-PEAP is the only item checked
Now Select “options”=>edit
You will now be in the EAP-PEAP settings menus, and there will be three “tabs” that you can cycle through by using the left and right buttons.
Under Settings Fill in the following information:
Personal certificate: Not Defined
Authority certificate: Thawte Premium Server CA “AddTrust External CA Root” as of August 2011. See Note below
User name in use: User defined
User name: (your netID)
Reakm in use: From certificate
TLS privacy: Off
Allow PEAPv0: Yes
Allow PEAPv1: No
Allow PEAPv2: No

Under EAPs
Select only EAP-MSCHAPv2, de-select all other options. Highlight EAL-MSCHAPv2 and select “options”=>edit, and fill in your NetID and AD password.

Under Cipher
Select only: “RSA,AES,SHA” “DHE-RSA,AES,SHA” and “DHE-DSS,AES,SHA”

Configure applications to use your destination.

When you open an application, set the default destination to be what you set up Illinois net to be. You can configure Illinois net in a number of destinations depending on your needs and how you want to manage your connectivity.

This also works on the E71 except “destination” is called “Access point” in the first step.

New Certificate Authority as of August 2011

Note: these extra instructions worked for a Nokia E75
In the fall semester of August 2011, Cites has permanently converted to using the AddTrust External CA Root as its authority certificate. The above configuration works, however the new certificate must be selected. This certificate was not issued as a standard with most Symbian S60 devices. If yours has it, you’re lucky. If not, you’ll need to first get it, and then convert it from the standard PEM (.crt) format to the DER (.cer) format. The steps to generate it are:

1. https://support.comodo.com/index.php?_m=downloads&_a=viewdownload&downloaditemid=11&nav=0,1 Download the crt format of the Certificate
2. Convert it to DER from PEM. I suggest http://www.entrust.net/knowledge-base/technote.cfm?tn=5531 these instruction using the ‘internet explorer’ option if you are a windows user (I hate IE, but this did work) or if you’re on linux, just use openssl.
3. Send the resulting .cer file to your phone, either by usb cable or bluetooth. Upon saving it, the phone should automatically ask you if you want to install this untrusted certificate. Accept and approve it for internet and vpn.

You should be done!

Good luck!