just back from our tent at the european researchers night demoing together with mike once more and again the IBM m-health toolkit aka IBM Personal Care Connect. contrary to what i had assumed it was not one large tent with booths inside — nope, each project had its own little tent along the eastern side of lake zurich…

…which would have been nice had the weather been on the warm side; it wasn’t. both mike and i were shivering, but luckily our lovely ladies from communications came to our rescue and supplied us with hot tea and sandwiches! thx!

initially we were afraid that this would be quickly over: who in his or her right mind would venture outside with the storm warning lights flashing all over lake zurich? well, the zuricher is a hardy lot: once past 18:00 we got a steady stream of people and explained mobile patient monitoring over and over and over and over again.

so, it was a real success (though, why i end up with the crazies is a mystery i’d still like to solve)…¹

while i’ve been using knetworkmanager and its side-kick kicker applet rather successfully on our private laptops (all running kubuntu now), it’s never been an option for my IBM laptop (both meanings of the words apply here as we are using the IEEE8021X variant (with X.509 certificates) for controlling access to the internal network — something which knetworkmanager does not seem to support.

what i’ve been using is a pre-up script to start wpa_supplicant on my WLAN interface. that usually works ok — it usually does fail once i try to access a public WLAN or my private WLAN at home: then it becomes an elaborate dance of killing the ipw3945 daemon (the X60 has an intel ipw3945 WLAN card), unloading the ipw3945 module, waiting a bit, and reload the the ipw3945 module…followed by hoping that wpa_supplicant will pick up the current WLAN…which it very often does but then doesn’t get the DHCP lease…hmph

my first attempt was to use debian’s wpa-roam feature (kubuntu being a debian based system): works nicely with the work network and our WPA/WPA2 setup at home — but fails to pickup public WLANs after a suspend–resume cycle

next attempt (after trying all kinds of things…long story) is to use the managed approach in /etc/network/interfaces:

allow-hotplug wlan0
iface wlan0 inet manual
        wpa-driver wext

iface default inet dhcp

iface home inet dhcp
        wpa-ssid                homessid
        wpa-ap-scan             2
        wpa-scan-ssid           1
        wpa-psk                 secret
        wpa-proto               RSN
        wpa-key-mgmt            WPA-PSK
        wpa-pairwise            CCMP

iface otherhome inet dhcp
        wpa-ssid                otherhomessid
        wpa-ap-scan             2
        wpa-scan-ssid           1
        wpa-psk                 anothersecret
        wpa-key-mgmt            WPA-PSK
        wpa-pairwise            CCMP

iface work inet dhcp
        wpa-ssid                WORK
        wpa-ap-scan             2
        wpa-scan-ssid           1
        wpa-key-mgmt            IEEE8021X
        wpa-pairwise            TKIP
        wpa-group               WEP104
        wpa-eap                 TLS
        wpa-identity            identity@work.com
        wpa-ca-cert             /home/dirk/certificates/work-root-cert.pem
        wpa-client-cert         /home/dirk/certificates/dirk-cert.pem"
        wpa-private-key         /home/dirk/certificates/dirk-key.pem"
        wpa-private-key-passwd  yetanothersecret

iface public inet dhcp
        wpa-ssid                ""
        wpa-ap-scan             2
        wpa-scan-ssid           1
        wpa-key-mgmt            NONE

i’m making use of the logical interface concept of kubuntu/debian here. to activate the WLAN for at home use i’d do:

ifup wlan0=home

to shut it down again, a simple

ifdown wlan0

does the job. likewise for the other WLANs.

that finally does seem to do the trick.