Connect to CMU-SECURE
WHAT CAN I CONNECT? | SETUP AND CONNECT
CMU-SECURE is the preferred wireless network for students, faculty and staff. Use CMU-SECURE to connect your laptop or desktop computer, tablet or smartphone to secure wireless at CMU.
What can I connect?
Devices you can connect to CMU-SECURE include, but are not limited to: smartphones, laptop and desktop computers, Chromebooks, iPads, and other tablets.
Setup and Connect to CMU-SECURE
To connect, follow the appropriate steps for your device/operating system.
Chromebook
- Once on campus, locate the wireless configuration settings.
- Select CMU-SECURE from your Wi-Fi network list.
- Click Connect.
- When prompted, enter the following:
- Security: EAP
- EAP method: PEAP
- EAP Phase 2 authentication: MSCHAPv2
- Security CA certificate: Do not check
- Identity: Your Andrew userID
- Password: Your Andrew password
Laptop or Desktop Computer
Linux
- Once on campus, locate your wireless configuration settings.
- Select CMU-SECURE from your Wi-Fi network list.
- Enter the following information (terminology may vary; your computer may not require all these settings):
- Wireless security: WPA2 Enterprise
- Authentication: Protected EAP (PEAP)
- CA certificate: USERTrust RSA Certification Authority (See step 4 for details.)
- PEAP Version: Automatic or Version 0
- Inner/Phase 2 authentication: MSCHAPv2
- Username: You Andrew userID
Note: If your Andrew userID alone doesn't work, try:Andrew\Your Andrew userID
- Password: Your Andrew password
- Do one of the following:
- If prompted, verify and accept the CMU wireless certificate.
- If not prompted, manually download and install the certificate from the COMODO website.
- If checking the fingerprint of the COMODO certificate, you should match this fingerprint:
SHA1: 2B:8F:1B:57:33:0D:BB:A2:D0:7A:6C:51:F7:0E:E9:0D:DA:B9:AD:8E
Mac
- Once on campus, click the Apple menu (top-left) and click System Settings.
- Click Network, then click Wi-Fi.
- Click to enable the Wi-Fi slider if it isn't already enabled.
- Locate CMU-SECURE in the Network Name list and click Connect.
- If prompted, enter your Andrew userID and password, then click OK.
- (Optional) Click Show Certificate to review and verify the certificate.
Windows
- Once on campus, locate the wireless configuration settings on your computer.
- Select CMU-SECURE from your Wi-Fi network list.
- Click Connect.
- If prompted, enter your Andrew userID and password, then click OK.
- If prompted with a Security Alert, click Details.
- Verify and accept.
- Click Connect.
Still can't connect? Follow the manual connection steps.
Mobile
iOS
- Once on campus, locate your wireless configuration settings.
- Select CMU-SECURE from your Wi-Fi network list.
- When prompted, enter the following:
Username: Your Andrew userID
Password: Your Andrew password - If prompted, verify and accept the CMU wireless certificate.
Android
- Once on campus, locate your wireless configuration settings.
- Find CMU-SECURE in your Wi-Fi list.
- When prompted, enter the following:
- EAP method: PEAP
- Phase 2 authentication: MSCHAPV2
- CA certificate: Use System Certificate
- Domain: wireless.cmu.edu
- User certificate: Unspecified
- Identity: Your Andrew userID
- Password: Your Andrew password
- Note: If you see an Anonymous Identity field, you may leave it blank.
- Do one of the following:
-
If prompted, verify and accept the CMU wireless certificate.
Note: You may not be able to select a CMU wireless certificate on some Android devices, but you will be connected to CMU-SECURE after you compete Steps 1-3.
- If not prompted:
- Turn off your wireless connection and manually download and install the certificate from the COMODO website using your provider's 4G/LTE service.
- Select either CA Certificate or the certificate you downloaded and installed when prompted for the certificate.
- Turn on your wireless connection, and select CMU-SECURE in your Wi-Fi list.
- Enter the information provided in Step 3.
-
Note: Terminology may vary across devices. Contact your vendor for terminology specific to your device.
Other Devices
- Once on campus, locate your wireless configuration settings.
- Select CMU-SECURE from your Wi-Fi network list.
- Enter your Andrew userID and password and authenticate with DUO if prompted.
- If prompted, enter any of the following as required for your device:
- Wireless security: WPA2 Enterprise
- Authentication: Protected EAP (PEAP)
- CA certificate: USERTrust RSA Certification Authority or Unspecified
- Domain: wireless.cmu.edu
- User certificate: Unspecified
- Inner/Phase 2 authentication: MSCHAPv2
- Note: If you see an Anonymous Identity field, you may leave it blank.
- If prompted, verify and accept the CMU wireless certificate.
Terminology may vary across devices. Contact your vendor for terminology specific to your device.
Verify the Certificate
A certificate allows you to verify that a network is safe. If you are prompted to accept a certificate as you connect to CMU-SECURE, verify it against the following information.
- Confirm that the certificate is issued by InCommon RSA Server CA
- Verify the Thumbprint/Fingerprint. Note: you may need to scroll to the bottom of the certificate details to find this information.
- Server SHA-256 Thumbprint/Fingerprint for the wireless.cmu.edu certificate:
A1:2E:F3:BE:FB:7D:54:45:66:DB:2C:7E:07:BB:02:4B:F8:07:94:3A:49:E9:BD:14:11:99:EB:7F:33:4B:AE:2C
Server SHA-1 Thumbprint/Fingerprint for the wireless.cmu.edu certificate:
31:2E:A5:8A:6F:6D:32:97:75:4B:51:88:9D:D4:09:ED:A0:9D:59:34
- Server SHA-256 Thumbprint/Fingerprint for the wireless.cmu.edu certificate: