Skip to main content

ProGlove Documentation

Additional Wi-Fi settings

When providing your network credentials in the network.json file, you can also include additional fields in the file to adjust the network authentication protocols or even provide multiple networks' details.

Note

Configuring additional network settings using the network.json is supported on Gateway Plus starting with firmware version 2.13.0.

Wi-Fi fields

The main field that contains the list of Wi-Fi credentials and settings is wifi_auth and can contain the following fields:

Field

Type

Description

Required

Default

Values

ssid

String

The SSID of the access point, i.e. the network's name.

Required

The SSID can have maximum 32 characters.

visibility

String

Whether the network is visible or hidden.

Optional

ACCESS_POINT_VISIBILITY_VISIBLE

  • ACCESS_POINT_VISIBILITY_VISIBLE

  • ACCESS_POINT_VISIBILITY_HIDDEN

priority

Integer

Auto-connect priority. Networks with higher priority will be connected to first.

Optional

0

For connections with identical values, the behavior is undefined and left up to the network manager.

wifi_auth

Object

The authentication method used.

Required

  • wpa_psk

  • wpa_eap

interface_settings

Object

IP settings for the specific interface

Optional

See below for Interface settings.

WPA Personal

If you are using the WPA Personal authentication method, in the network.json file, add wpa_psk holding the psk (pre-shared key) field and put your network's password as value.

Example 161. Example
{
  "wifi": {
		"wifi_auth": [
			{
				"ssid": "Your SSID",
				"visibility": "ACCESS_POINT_VISIBILITY_VISIBLE",
				"priority": 10,
				"wpa_psk": {
					"psk": "p4$$w0rD"
				}
			}
		]
  }
}


WPA Enterprise (EAP)

If you are using the WPA Enterprise authentication method, in the network.json file, add the wpa_eap field that can hold the following fields and values:

Field

Description

Type

Required

Value

anonymous_identity

The anonymous identity used to talk to the proper RADIUS server.

String

Optional

The identity value can have 0-128 characters.

domain

The domain / realm of the RADIUS server.

String

Optional

The domain value can have 0-128 characters.

ca_cert_path

The path to a CA root certificate used to authenticate the RADIUS server.

String

Optional

A relative path in the archive to the PEM certificate.

EAP Authentication

The type of WPA-Enterprise authentication.

Object

Required

  • eap_tls

  • peap

  • eap_ttls

Example 162. Example
{
  "wifi": {
	"wifi_auth": [
	    {
		"ssid": "Your SSID",
		"visibility": "ACCESS_POINT_VISIBILITY_VISIBLE",
		"priority": 20,
		"wpa_eap": {
	            "anonymous_identity": "anonymous",
		    "domain": "",
		    "ca_cert_path": "ca_cert.pem",
		    "peap": {
			"identity": "John Doe",
			"password": "p4$$w0rD",
			"inner_auth": "PEAP_INNER_AUTH_MSCHAPV2"
		    }
		}
    	    }
        ]
    }
}


EAP-TLS

If you are using the EAP-TLS authentication method, in the network.json file, add the eap_tls field that can hold the following fields and values:

Field

Description

Type

Required

Value

identity

The identity (username) stored in the RADIUS server database to authenticate the client.

String

Required

The identity value must have 1-128 characters.

user_cert_path

The path to the user's public certificate.

String

Required

The relative path in the archive to the PEM certificate

private_key_path

The path to the user's private key.

String

Required

The relative path in the archive to the PEM certificate

private_key_password

The private key password used to open it.

String

Optional

Example 163. Example
{
  "wifi": {
    "wifi_auth": [
	   {
	        "ssid": "Your SSID",
		"visibility": "ACCESS_POINT_VISIBILITY_VISIBLE",
		"priority": 20,
		"wpa_eap": {
		    "anonymous_identity": "anonymous",
		    "domain": "",
		    "ca_cert_path": "ca_cert.pem",
		    "eap_tls": {
		        "identity": "John Doe",
			"user_cert_path": "cert_tls.pem",
			"private_key_path": "key_tls.pem",
			"private_key_password": "p4$$w0rD"
		    }
		}
	    }
	]
    }
}


EAP-TTLS

If you are using the EAP-TTLS authentication method, in the network.json file, add the eap_ttls field that can hold the following fields and values:

Field

Description

Type

Required

Value

identity

The identity (username) stored in the RADIUS server database to authenticate the client.

String

Required

The identity must have 1-128 characters.

password

The password associated with the identity.

String

Required

inner_auth

The inner authentication.

String

Required

  • EAP_TTLS_INNER_AUTH_PAP

  • EAP_TTLS_INNER_AUTH_MSCHAPV2

  • EAP_TTLS_INNER_AUTH_MSCHAPV2_NO_EAP

  • EAP_TTLS_INNER_AUTH_CHAP

  • EAP_TTLS_INNER_AUTH_MD5

  • EAP_TTLS_INNER_AUTH_GTC

Example 164. Example
{
  "wifi": {
		"wifi_auth": [
			{
				"ssid": "Your SSID",
				"visibility": "ACCESS_POINT_VISIBILITY_VISIBLE",
				"priority": 20,
				"wpa_eap": {
					"anonymous_identity": "anonymous",
					"domain": "",
					"ca_cert_path": "ca_cert.pem",
					"eap_ttls": {
						"identity": "John Doe",
						"password": "p4$$w0rD",
						"inner_auth": "EAP_TTLS_INNER_AUTH_PAP"
					}
				}
			}
		]
	}
}


PEAP

If you are using the PEAP authentication method, in the network.json file, add the peap field that can hold the following fields and values:

Field

Description

Type

Required

Value

identity

The identity (username) stored in the RADIUS server database to authenticate the client.

String

Required

The identity must have 1-128 characters.

password

The password associated with the identity.

String

Required

inner_auth

The inner authentication.

String

Required

  • PEAP_INNER_AUTH_MSCHAPV2

  • PEAP_INNER_AUTH_GTC

Example 165. Example
{
    "wifi": {
        "wifi_auth": [
            {
                "ssid": "Your SSID",
                "visibility": "ACCESS_POINT_VISIBILITY_VISIBLE",
                "priority": 20,
                "wpa_eap": {
                    "anonymous_identity": "anonymous",
                    "domain": "",
                    "ca_cert_path": "ca_cert.pem",
                    "peap": {
                        "identity": "John Doe",
                        "password": "p4$$w0rD",
                        "inner_auth": "PEAP_INNER_AUTH_MSCHAPV2"
                    }
                }
            }
        ]
    }
}


NTP settings

When using a custom NTP, make sure all NTP servers get added to the trusted list on your firewall. This will ensure the time of your Gateway Plus stays synchronous with the INSIGHT webportal.

Note

NTP settings are supported on Gateway Plus starting with firmware version 2.13.0.

Field

Description

Type

Values

ntp_servers

NTP server list. Can be a URL or an IP address (v4 or v6).

List of strings

Maximum 2

0.debian.pool.ntp.org
1.debian.pool.ntp.org
2.debian.pool.ntp.org
3.debian.pool.ntp.org

Examples

{
    "wifi": {
	    "wifi_auth": [
			{
				"ssid": "Test",
				"wpa_psk": {
					"psk": "xxxxxxxxxxx"
				},
				"ntp_settings": {
					"ntp_servers": [
						"0.arch.pool.ntp.org",
						"1.arch.pool.ntp.org"
					]
				}
			}
		]
	}
}
{
    "ethernet": {
		"ntp_settings": {
			"ntp_servers": [
              "0.arch.pool.ntp.org",
              "1.arch.pool.ntp.org"
			]
		}
    }
}
Interface settings

Dynamic Host Configuration Protocol (DHCP) is used by default for IPv4 and IPv6 if no settings are specified.

Note

Interface settings are supported on Gateway Plus starting with firmware version 2.13.0.

Table 34. IP version selection

Field

Description

Type

Required

Values

ipv4_settings

IPv4 settings

Object

Optional

See IP settings below.

ipv6_settings

IPv6 settings

Object

Optional

See IP settings below.



IP Settings

The following settings are common to IPv4 and IPv6:

Table 35. IP Settings

Field

Description

Type

Required

Default

Values

ip_method

The type of IP assignment

String

Optional

IP_METHOD_AUTO_DHCP

  • IP_METHOD_AUTO_DHCP

  • IP_METHOD_MANUAL

  • IP_METHOD_DISABLED

ip_addresses

The addresses to use in case of a manual method.

Array/[Object]

Optional

See below for IPv4 and IPv6 addresses.



Table 36. IPv4 addresses

Field

Description

Type

Required

Default

Example

address

The address to assign to the Gateway Plus.

String

Required

192.168.1.42

netmask

The IP netmask to use (can be either the IPv4 address or a number).

String

Optional

255.255.255.255

  • 255.255.255.0

  • 32

gateway

The address of the network gateway (not to be confused with the ProGlove Gateway Plus device).

String

Optional

192.168.1.1



Table 37. IPv6 addresses

Field

Description

Type

Required

Default

Example

address

The address to assign to the Gateway Plus.

String

Required

001:db8:abcd:0012:ffff:ffff:ffff:ffff

prefix

The prefix length of the network.

String

Optional

128

64

gateway

The address of the network gateway (not to be confused with the ProGlove Gateway Plus device).

String

Optional

2001:db8:abcd:0012:0000:0000:0000:0000



External certificates

If your selected authentication method includes required fields like user_cert_path and private_key_path or optional fields like ca_cert_path, you have to include the targeted certificates in the zipped provisioning file.

The example below displays a case where a single network.json file is used for provisioning the Gateway Plus with credentials to connect to multiple networks using four authentication protocols: WPA Personal, EAP-TTLS, PEAP, and EAP-TLS.

There are three external certificates referenced inside the following fields of the network.json file:

  • ca_cert_path

  • user_cert_path

  • private_key_path

To provision your Gateway Plus with these certificates, include the .pem files in the same folder with the network.json file, zip them together and apply the provisioning file.

Example 166. Example of the provisioning .zip file structure
  • network.zip

    • network.json

    • ca_cert.pem

    • cert.pem

    • key.pem



Example 167. Example
{
    "wifi": {
        "wifi_auth": [
            {
                "ssid": "Your SSID",
                "visibility": "ACCESS_POINT_VISIBILITY_VISIBLE",
                "priority": 10,
                "wpa_psk": {
                    "psk": "p4$$w0rD"
                }
            },
            {
                "ssid": "Your SSID",
                "visibility": "ACCESS_POINT_VISIBILITY_VISIBLE",
                "priority": 20,
                "wpa_eap": {
                    "anonymous_identity": "anonymous",
                    "domain": "",
                    "ca_cert_path": "ca_cert.pem",
                    "eap_ttls": {
                        "identity": "John Doe",
                        "password": "p4$$w0rD",
                        "inner_auth": "EAP_TTLS_INNER_AUTH_PAP"
                    }
                }
            },
            {
                "ssid": "Your SSID",
                "visibility": "ACCESS_POINT_VISIBILITY_VISIBLE",
                "priority": 20,
                "wpa_eap": {
                    "anonymous_identity": "anonymous",
                    "domain": "",
                    "ca_cert_path": "ca_cert.pem",
                    "peap": {
                        "identity": "John Doe",
                        "password": "p4$$w0rD",
                        "inner_auth": "PEAP_INNER_AUTH_MSCHAPV2"
                    }
                }
            },
            {
                "ssid": "Your SSID",
                "visibility": "ACCESS_POINT_VISIBILITY_VISIBLE",
                "priority": 20,
                "wpa_eap": {
                    "anonymous_identity": "anonymous",
                    "domain": "",
                    "ca_cert_path": "ca_cert.pem",
                    "eap_tls": {
                        "user_cert_path": "cert.pem",
                        "private_key_path": "key.pem",
                        "private_key_password": "p4$$w0rD"
                    }
                }
            }
        ]
    }
}