 |
Need to configure VPN?, email, or wireless? |
| Find configurations here! | |
OSU Secure
What is OSU Secure?
OSU_Secure is an option for those on campus who require data encryption while accessing the internet. It uses a 48-bit initialization vector and a 128-bit encryption key and utilizes Temporary Key Integrity Protocol (TKIP) to achieve security. This is a useful option for those who enjoy the leisure of online banking, but don't want to be concerned with unencrypted information being transmitted through the wireless network.
Why WPA?
WPA offers a more secure method of using OSU's wireless network. OSU_Secure SSID is the preferred method to securely access the OSU Network and the Internet. Wireless clients using the OSU_Access network will be limited to what they can access. You can use the VPN service on the OSU_Access network to have similar to secure access capabilities that OSU_Secure provides.
What is WPA?
WPA or Wi-Fi Protected Access is a class of systems to secure wireless computer networks. There are two classes of WPA that allow secure access to a wireless network:
- WPA-PSK
- WPA-Enterprise
WPA-PSK works well in a SOHO environment where a strong (minimum 20+ characters) Pre-Shared Key can be shared amongst a few wireless clients. WPA-Enterprise is more suitable for large organizations using an external authentication method. Both classes of WPA require encrypted authentication to occur prior to allowing encrypted data to be sent over the wireless.
The following URL has a comprehensive description of WPA and other references to implementations of WPA: Wikipedia's Wi-Fi Protected Access.
Who has access?
As with OSU_Access, anyone with valid ONID credentials may access OSU_Secure. For those who have forgotten their ONID login information, it can be reset using that individuals OSU ID? number and GAP? from the ONID homepage or by clicking here.
How can I use it?
To connect to OSU_Secure, the computer must first be registered to Maintain (link opens in new window). Maintain is a network management software that registers users onto the wireless network on campus. It requires the hardware address, which is unique to each device, to be registered to the network. Generally, these will look like, "00-23-45-67-89-ab." If you have troubles finding your hardware address, please use these instructions. (Note: the instructions will open in a new window.)
Once a computer is registered in Maintain (link opens in new window), that device can either connect to OSU_Access or OSU_Secure. Once registered, OSU_Access does not require any more configuration while OSU_Secure requires additional configuration for the WPA encryption.
The general settings used for the OSU_Secure network are:
- SSID: OSU_Secure
- Security: WPA2 Enterprise
- EAP Method: PEAP (PEAPv0/EAP-MSCHAPv2)
- Key Type: AES (or automatic)
- Phase2 Type: MSCHAPv2
- Username: ONID Username
- Password: ONID Password
More detailed instructions with pictures are available for both Microsoft and Apple operating systems as well as select mobile devices. Click on any of the links below to view the instructions:
What does the "Secure" part of OSU secure mean?
The secure part means that any data you send over the wireless connection is encrypted. Browsers and websites can encrypt the data that they send anyway which happens on most or all sites that transfer any sensitive information. The encryption done by the wireless network is another layer of security that helps protect your sensitive information. The following is more technical information which is unnecessary for the use of the wireless networks.
Examples:
Un-Secured Wireless (OSU_Access):
Sending this data through an HTTP connection will be transmitted over the wireless network completely unencrypted. If you are submitting a comment to an unsecured forum the data would be transmitted in clear text which could be read by anybody with the correct software. For poorly designed websites they may also be able to see the username, password, and what website you were trying to log in to.
Sending this through a https (s stands for secure) connection will be encrypted on your computer and sent through the network. Anybody with the correct software would be able to see where you were sending the information to but not the actual information being sent. (more technically the header information will not be encrypted but the data will be).
Secured Wireless (OSU_Secure):
Sending this data through a HTTP connection will still result in everything being encrypted. Anybody with the correct software will be able to see that you are sending and receiving data but they will not be able to tell where you are sending it or what information you are sending (including usernames and passwords).
Sending this through a https (s stands for secure) connection will be encrypted on your computer and sent through the network where it will be encrypted again (more technically the data will be encrypted twice and the headers will be encrypted once). Anybody with the correct software would be able to see that you are sending and receiving data but they will not be able to see where you are sending it or what information you are sending (including usernames and passwords).
