Overnight between Wed. 1/11 and Thurs. 1/12 we will be transitioning EECS-Secure to a new authentication backend. The old servers, etips1.eecs.berkeley.edu and nps-0.eecs.berkeley.edu will be retired and replaced with a new cluster which will identify itself as clearpass.eecs.berkeley.edu. There will be no interruption to wireless connectivity during the transition.
EECS-Secure will continue to function as it has, but your computer may notice the change in server certificates and prompt you about it. We are listing some steps below that may be helpful if you have trouble connecting on Thursday morning, and remember that you will be able to use other networks (e.g. AirBears2, CalVisitor) to visit this page and the EECS-Secure FAQ.
* “Continue connecting? If you expect to find EECS-Secure in this location, go ahead and connect.”
* You can click “Connect”, but first we recommend clicking “Show certificate details” and verifying the thumbprint against the Server Certificate at the EECS-Secure FAQ link below.
* “Before authenticating to the server ‘clearpass.eecs.berkeley.edu’, you should examine the server’s certificate to ensure that it is appropriate for this network.”
* Verify that the server name is “clearpass.eecs.berkeley.edu” and click “Show Certificate” to confirm that the certificate is valid; then click “Continue” to connect.
* We have seen many different behaviors depending on distro and version. If you have trouble, we recommend deleting the saved network and reconnecting, making sure to check the authentication details in the EECS-Secure FAQ, which is linked below.
If the above aren’t helpful to you, you might try following the Linux advice by deleting your saved EECS-Secure and reconnecting from scratch. In any case, if you have trouble, please visit the helpdesk in 395 Cory Hall.
More information about EECS-Secure authentication, including configuration details, certificates, and certificate fingerprints can be found on the EECS-Secure FAQ:
This change ONLY applies to EECS-Secure and will not affect any other networks, such as EECS-PSK, AirBears2, etc.
If you have been using EECS-RADtest to help us test the new servers, that network is no longer available and we strongly recommend you remove the saved network from your machine.
As a reminder, mobile devices are not fully supported on EECS-Secure. Depending on device and OS version, you may be able to connect, but we can provide only limited support. If you can’t connect to EECS-Secure, we recommend using CalVisitor, or EECS-PSK if you require EECS network access.
If you have any questions or problems, you may visit the helpdesk at 395 Cory Hall or firstname.lastname@example.org.