Search this Site

Need Help?

Ask now! Live chat

Find someone in Computing

Request Help Now

Helpline: 646-2999

DartPulse Alerts

Overall System Status:

Upcoming Scheduled Outages

Quick Links

About Computing

New to Dartmouth?

Resources for:

Information Security

Connect with Computing

Networking

HomeNetworking >  Dartmouth Wireless Network

Frequently Asked Questions about Dartmouth's Wireless Network

How Secure Am I?

It depends on which network you connect to.

  • Dartmouth Secure will encrypt data being transmitted between your computer and the wireless access point you are connected to. This is the most secure wireless network at Dartmouth.
  • Dartmouth Library Public is unencrypted, but if you are using this network and you start a VPN connection, the data being transmitted will be encrypted.
  • Dartmouth Public is unencrypted, but if you are using this network and you start a VPN connection, the data being transmitted will be encrypted.

Top of page

What Changes Do I Need to Make to My Computer's Configuration to Use the Wireless Network?

People using the Dartmouth Secure wireless network will need to have a PKI certificate installed on their computer.

People using the Dartmouth Library Public or Dartmouth Public wireless networks will need to select the network if it is not the default on their computer. It is important to note that the Dartmouth Library network is only available within the on-campus Libraries. The Dartmouth Public network does not allow access to resources restricted to Dartmouth faculty, staff, and students, unless a VPN connection is also started.

Top of page

I Am a Dartmouth Faculty, Staff, or Student. How Do I Use the Wireless Network?

Dartmouth faculty, staff, and students should all use the Dartmouth Secure wireless network (SSID). This is an authenticated and encrypted network that allows you access to Dartmouth resources.

Top of page

How Do Alumni, Guests, Seminar Participants, or Members of the Public Use the Wireless Network?

Alumni, guests, seminar participants, and members of the public should select the Dartmouth Public wireless network (SSID).

  • No authentication will be required; you will be routed to a public Internet Service Provider (ISP) for access to the Internet.

Top of page

I Am On Campus to Use the Dartmouth Libraries. How Do I Use the Wireless Network?

Patrons of the on-campus libraries can use the Dartmouth Library Public wireless network (SSID). No authentication will be required. This SSID only exists in the on-campus Dartmouth libraries.

  • If you have trouble connecting to the Dartmouth Library Public network, each of the libraries has prepared a handout with information on how to connect. It is available at the Information or Reference desk of the library you are visiting.

Top of page

I Don't Want to Authenticate to a Wireless Network. What Can I Use?

The wireless network named Dartmouth Public does not require authentication. Users will be routed to a public ISP for access to the Internet.

  • Note that some Dartmouth services (e.g. GreenPrint, some library resources, etc.) will not be available to you if you use Dartmouth Public.

Top of page

I Run Linux. How Do I Connect to Dartmouth Secure?

Dartmouth Secure uses open standards, such as 802.1x with WPA2 and EAP-TLS. These standards are supported by the latest versions of Linux. However, not all Linux systems are alike; some have graphical tools to use these standards, while others require you to use command line configurations.

  • You can get information on connecting to Dartmouth Secure using Linux at Thayer School's Connecting to Dartmouth Secure wiki. This page has instructions on connecting with versions of Ubuntu and Fedora using Firefox.
  • In addition, there are many user groups on the Internet that may be able to help you determine the correct configuration for your Linux operating system and hardware. The most commonly reported problem is with out-of-date or unavailable hardware drivers. 

Top of page

What Is an SSID?

SSID stands for "service set identifier" and is the unique name given to each wireless network. Many wireless networks will broadcast their SSIDs so that users can see the names on their computers and determine which one to connect to.

Top of page

Which SSID Should I Use?

People accessing the wireless network at Dartmouth should choose from the following SSIDs:

  • Dartmouth Secure is intended to be the primary wireless network used on campus by Dartmouth faculty, staff, and students. Connections made to this network will require authentication, and will encrypt data between the computer and the wireless access point. PKI certificates – either installed on the computer or on an eToken – will be required to authenticate to this network. Devices using this network will have a private IP address of 10.xxx.xxx.xxx while on campus, and will have a public Dartmouth IP address of 129.170.xxx.xxx when connecting to resources that are off campus. Any resources that require a Dartmouth IP address will allow connections from this network. Users on this network are limited to 3 Mbps of bandwidth.
  • Dartmouth Library Public is intended to provide access to Dartmouth's Library resources for people who are on the Dartmouth campus, but who are not current Dartmouth faculty, staff, or students. It is only available in buildings that house one of Dartmouth's libraries. This is an unauthenticated, unencrypted wireless network. Devices using this network will have a private IP address of 10.xxx.xxx.xxx while on campus, and will have a public Dartmouth IP address of 129.170.xxx.xxx when connecting to resources that are off campus. Any resources that require a Dartmouth IP address will allow connections from this network. Users on this network are limited to 1 Mbps of bandwidth.
  • Dartmouth Public is intended to provide Internet access for people who are on the Dartmouth campus, but who are not current Dartmouth faculty, staff, or students. This includes alumni, conference participants, and guests. This is an unauthenticated, unencrypted wireless network. The connection to the Internet is provided by an outside Internet Service Provider (ISP). Devices using this network will have a private IP address of 10.xxx.xxx.xxx while on campus, but will have a non-Dartmouth IP address when connecting to resources that are off campus. This means that any resources that require a Dartmouth IP address – including Library resources – will not be accessible from this network, unless a VPN session is started first. Users on this network are limited to 512 Kbps of bandwidth.
  • Kiewit Voice is used for wireless IP phones and is maintained specifically for that use.

Top of page

I Can't Connect to the Dartmouth Secure Network. What Is Causing This Problem?

There are a number of possible reasons:

  • The Dartmouth Root Certificate is not installed.
  • Your Dartmouth client (personal) certificate is not installed. You need an eToken or a software certificate.
  • You are using a software certificate that is not installed in the correct place (Windows requires the certificate to be installed in Internet Explorer; Mac OS X requires the certificate to be installed in the Keychain).
  • You are using the Windows operating system and are trying to use a personal software certificate that was issued by the "old" College Certificate Authority (a certificate obtained prior to August 23, 2007).
  • The wireless network management software your computer is using may not be configured correctly. Click on one of the links below to configure your machine.
  • You are using an eToken for your client (personal) certificate, but your computer is configured to look for a software certificate installed on your hard drive (or vice versa). Click on one of the links below to configure your machine.

Top of page

What Will Happen to My Wireless Connection As I Roam Around Campus?

It depends on how far you roam. There are twelve major sections of the wireless network across campus. If you happen to move from one section to another, you will need to re-authenticate - although this may be transparent to you if your PKI certificate is still available to the network. If you stay within the same section, you will maintain your connection.

Top of page

What Is an Etoken and Why Do I Need One?

An eToken is a device (about the size of a house key) that plugs into a USB port on your computer. Your eToken holds a certificate that has your name and Dartmouth's name on it, and is validated by Dartmouth College's Certificate Authority in a way that ensures it cannot be forged. The eToken also holds your private key which is used for encryption. It can only be read after supplying a password. At that point, you can be authenticated to different applications, such as:

  • The Dartmouth Secure wireless network (except for Mac OS 10.5).
  • Protected web pages or central systems that are protected by eToken access.
  • VPN access while on or off campus with the Juniper VPN (except for Mac OS 10.5).
  • Sign in and encrypt your e-mail with your PKI certificate.

For more information on eTokens, see the authentication web page.

Top of page

How Do I Get an eToken?

Students can purchase an eToken from Computer Sales and Service, located in 171 Carson Hall.

Faculty and staff should contact the IT Service Desk at 646-2999, send e-mail to Help@dartmouth.edu, or call your department's IT support office for more information on getting an eToken.

Top of page

What Is a Software Certificate and How Do I Get One?

Certificates are special files stored by your web browser, application, or operating system. A combination of a personal certificate issued by Dartmouth, and the Dartmouth root certificate allow you to be authenticated to resources on the Dartmouth network.

To get a certificate, see the authentication web page.

Top of page

I Already Have a Certificate. What Do I Do?

If your certificate is on an eToken, you just need to follow the standard configuration steps. That certificate should allow you to connect to the Dartmouth Secure (SSID) network.

If your certificate is installed on a Macintosh computer, you just need to follow the standard configuration steps. That certificate should allow you to connect to the Dartmouth Secure (SSID) network.

If your certificate is installed on a Windows computer, and the certificate was obtained on or after August 23, 2007, you just need to follow the standard configuration steps. That certificate should allow you to connect to the Dartmouth Secure (SSID) network.

If you are using a software certificate on a Windows computer that was obtained prior to August 23, 2007, you will need to obtain a new certificate before following the standard configuration steps. For information about how to get a new certificate, see Getting a Certificate (Mac, Windows). If you have not encrypted any files or e-mail messages with your old certificate, you should also delete your old certificate to avoid getting prompted each time you authenticate about which certificate you want to use.

See also:

How Do I Delete a Certificate?

Remember that previously encrypted data cannot be decrypted if the certificate used has been deleted!

  • To delete your private certificate stored on a computer's hard drive, see Deleting a Certificate (Mac, Windows).
  • To delete the certificate from an eToken, contact your department's IT support office and ask them to format it for you.

Top of page

Can I Set Up My Own Access Point?

No. Access points set up by others on campus can interfere with the access points owned and maintained by Dartmouth.

Top of page

Last Updated: 1/9/12