Network¶
WPA-PSK¶
Create /etc/hostname.<ifname>
nwid <ssid>
wpa
wpakey <passphrase>
dhcp
WPA enterprise¶
Install wpa-supplicant
Create /etc/wpa-supplicant.conf
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=wheel
ap_scan=0
eapol_version=1
fast_reauth=1
network={
key_mgmt=WPA-EAP
proto=WPA2
eap=PEAP # or TTLS
pairwise=CCMP
group=CCMP
phase1="peaplabel=0"
# phase1="tls_disable_tlsv1=1 tls_disable_tlsv1_1=2" # if only sslv3 is supported
phase2="auth=MSCHAPV2"
ca_cert="/etc/certs/QV2.pem"
ssid="<ssid>"
identity="<username>"
password="<mysecetpass>"
}
You must setup wiki card before running wpa_supplicant!
It is better to set the bssid
wpaakms must be configure otherwise wpa_supplicant will fail!
ifconfig urtwn0 nwid <ssid> bssid <mac_of_ap> wpa wpaakms 802.1x up
wpa_supplicant -B -c /etc/wpa_supplicant.conf -D openbsd -i urtwn0
Connect to a Cisco Anyconnect VPN¶
Install vpnc
Edit /etc/vpnc/my.conf
IPSec gateway vpn-gw-name
IPSec ID groupname
IPSec secret grouppassword
Xauth username your-username
Xauth password your-password
Enable IP forwarding¶
To make the system route packets, execute
sysctl net.inet.ip.forwarding=1
For a permanent configuration, edit /etc/sysctl.conf and add
net.inet.ip.forwarding=1
Which program is using a specific port¶
fstat | grep ':22'
Display current network connections¶
systat netstat
Ignore wifi deauth packets¶
ifconfig urtwn0 nwflag stayauth