How to Fix Your WPA2-Enterprise (Work/School) Network Woes on Your Cr-48 (Hopefully)

Ah, the beauties of wireless (and the headaches).

HUGE UPDATE: This walk around is now unnecessary, as the issue has basically been fixed!

IMPORTANT UPDATE:  I've written a post to help you avoid creating these settings every time you go back to school/work.

Okay, I've been thinking about posting something like this and, thanks to a lovely error message, "Your HTML cannot be accepted: Must be at most 4,096 characters," when I tried to comment on Jay Lee's blog, I've decided to have out with it, here.

PLEASE NOTE:  For my help to work at all, you'll need to read the post linked above, along with the instructions linked to there.  (It's a small world, after all!)  That said, please read on.

My WPA2-Enterprise experience can probably best be described as someone who didn't know what he was doing and who did have the initiative to figure it out on his own (with some school IT help, which I'll explain in a moment, and, clearly, some help from David Burrow and the forum friend who linked me to David's how-to).

1. I got the David Burrow link from a friend in a forum and, when I saw the instructions, I thought I was way over my head.
2. I sent the instruction list to my school IT guys, asking if it would work and got a response that it definitely could.
3. I set to work on my school network and probably spent at least 5-20 hours (over different days) trying to connect and work out the kinks (just ask the guy sitting next to me in Corporations 2!).
4. Here are some insights I feel are most important about my experience and that I hope can help someone else:

A. Make sure to follow the wiki.utah (David Burrow) instructions exactly, varying only when your network is different (e.g., I completely skipped step 6. because our network doesn't require certificate validation - which may be the whole reason this worked, in the first place).

B. Unless you "know what you're doing," be sure to check with your IT department on where and how your configuration is different than the base instructions.

You may feel like you've graduated,
if you can get this fix to work for you.
Hey, I was pretty stoked . . .

C. Your Cr-48 may struggle locking into a specific entry point on the network (I believe this is called a "bssid").  How can you tell?  If, once you've got everything set up, the Cr-48 keeps getting rejected at different bssids and frequencies, you may want to lock into a specific bssid.

C1. Rejection signs. You can tell your Cr-48's being rejected, when it keeps cycling through different associate/authenticate indicators, like this one: "Trying to authenticate with 00:17:9a:33:db:a4 (SSID= 'dlink' freq=2412 MHz)."  The 00:17:9a:33:db:a4 is the "bssid," which I'll explain next.

C2. Deciding on the right bssid, if necessary. After much cycling through associate/authenticate indicators (and after randomly connecting here and there, only to be disconnected later) and gnashing of teeth, I hypothesized that my Cr-48 (or the network itself) would work best (or only) at certain frequencies. So here's what I did (after "trial and error[ing]" the "help" menu):  I typed in the separate commands, "scan" and "scan_results". This provides me a list of available networks (ssids) with their various bssids, frequencies, signal levels (how strong it is?), flags (network configurations?), and the ssid (network ID/name) itself.  I figured my network/Cr-48 liked frequencies at 4xxx and above, which takes us to the next step.

C3. Setting the right bssid, if necessary.  Once you see the details for a bssid that sits on a frequency you believe will work, enter the following, exactly as typed, except with your info where the brackets are:  bssid [your network #] [the bssid you're trying to tap]. Here's an example:  bssid 0 00:17:9a:33:db:a4  What this tells your Cr-48 to set the entered bssid as the bssid for the specific network, in my example 0. Next, type status. If you're disconnected, type reconnect. If you've followed the wiki.utah instructions correctly and identified an appropriate bssid/frequency, I believe you will be all set. And there was much rejoicing!

I hope you love generic images as much as I do.

D. You may have to repeat C3. . . . a lot.  If someone out there knows how to program the wpa_cli so that it will automatically connect to an appropriate bssid/frequency, I'd love to hear it!  Otherwise, my solution requires the user to do "scan" "scan_results" "bssid [network] [desired bssid]" and probably "reconnect" just about any time the user moves a significant physical distance (my law school's bigger than one office), and about a million times in between.  :)  Hey, I guess this is what beta testing's all about!

Well, I hope this helps, I hope this issue gets fixed soon, and I hope you'll ask questions here and on Jay Lee's Cr-48/Chrome OS blog post about this issue.

Jay Lee and David Burrow, thanks for putting all this together and please feel free to correct any heresies.

Oh, and finally, if you are having this issue, and you have yet to do so, PLEASE star it at http://code.google.com/p/chromium-os/issues/detail?id=7101. I think it's being worked on, and I also think it helps to get a few more nudges in the right direction!

I look forward to your questions/comments, below.

UPDATE:  Okay, everyone, if you're pulling your hair out on this after an hour and you feel like you've tried everything, let me make what may seem like an agonizingly obvious suggestion: double-check your password.

I think my school added a new unsecured "guest" network over the weekend, and so I thought something might have changed with our secured network. Nope, I'm pretty confident I was leaving off one character out of the 24 characters lastpass generated for my school password . . .