On March 13 at 6:00AM EST, the security protocol used by the eduroam Wi-Fi network on campus was upgraded. WPA3-Enterprise transition mode was enabled at this time.
WPA3 is the current generation of “Wi-Fi Protected Access” - the software feature that encrypts Wi-Fi connections. Dartmouth has upgraded eduroam to support this standard in order to ensure the highest level of security as well as support the latest Wi-Fi protocols.
Most modern devices support WPA3. Devices that do not support WPA3 will be able to continue connecting using the existing WPA2 mode. Your device may indicate that it is connecting with WPA2 even though it supports and is actually using WPA3. This is a known cosmetic issue on many devices.
WPA3 is supported on the following Apple devices:
- iPhone 7 or later
- iPad 5th generation or later
- Apple TV 4K or later
- Apple Watch series 3 or later
- Mac computers (late 2013 or later, with 802.11ac or later)
https://support.apple.com/guide/security/secure-access-to-wireless-networks-sec8a67fa93d/web
Android version 10 and later supports WPA3. https://source.android.com/docs/core/connect/wifi-wpa3-owe
Windows 10 May 2020 Version 2004 and newer support WPA3. WPA3 is also supported in Windows 11.
Support for WPA3 on Windows also requires that the Wi-Fi drivers installed support it as well.
https://support.microsoft.com/en-us/windows/faster-and-more-secure-wi-fi-in-windows-26177a28-38ed-1a8e-7eca-66f24dc63f09
Please check with your device manufacturer for driver updates.
https://services.dartmouth.edu/TDClient/1806/Portal/KB/ArticleDet?ID=140388
Linux devices may need to be reconfigured to enable WPA3. Your device will continue to connect with WPA2 if you do not make any change.
For devices using wpa_supplicant, please make the following changes to your configuration:
network={
ssid="eduroam"
identity="YOURNETID@dartmouth.edu" # Edit this
password="YOURPASSWORD" # and this
disabled=0
scan_ssid=0 # No broadcast probe requests
auth_alg=OPEN # No WEP
ieee80211w=1 # Use PMF/MFP if available (Required for WPA3)
key_mgmt=FT-EAP WPA-EAP # Use Fast Roaming if available
proto=RSN # WPA2/3
pairwise=CCMP # WPA2/3 AES-CCMP
group=CCMP # WPA2/3 AES-CCMP
# Authentication:
eap=PEAP
anonymous_identity="anonymous@dartmouth.edu"
phase1="peaplabel=0"
phase2="auth=MSCHAPV2"
ca_path="/etc/ssl/certs"
}