Router Charts

Router Charts

Router Ranker

Router Ranker

Router Chooser

Router Chooser

NAS Charts

NAS Charts

NAS Ranker

NAS Ranker

More Tools

More Tools

Wireless How To

Configuring the Router

I used a D-Link DGL-4300 [reviewed], so your setup pages may differ. Open up your wireless router or AP's wireless configuration section and find the Wireless Security settings. Change the security mode to WPA-Enterprise or WPA2-Enterprise mode, add the RADIUS server's IP address and the shared secret (Figures 1 and 2).

Selecting WPA-Enterprise mode
Click to enlarge image

Figure 1: Selecting WPA-Enterprise mode

EAP Configuration
Click to enlarge image

Figure 2: EAP Configuration

Configuring a Linux Client

Connecting a Linux client using WPA or WPA2 security requires wpa_supplicant. Configure wpa_supplicant with the following options set in ".config" file in addition to the drivers and interfaces you need for your setup:

CONFIG_IEEE8021X_EAPOL=y
CONFIG_EAP_TLS=y
CONFIG_PKCS12=y
#Make sure to include any other options you need as well

Re-compile and re-install wpa_supplicant. Now create a folder on the Linux client to house the client public and private keys (PKCS#12 file) and the CA certificate. In my case, I set it up in /etc/wireless.

Next edit "wpa_supplicant.conf" and add a section similar to the following, to point to your new WPA2-Enterprise setup.

# WPA2-EAP/AES using EAP-TLS
network={
        ssid="smallnetbuilder"
        key_mgmt=WPA-EAP
        eap=TLS
        identity="linux_laptop"
        ca_cert="/etc/wireless/cacert.pem"
        private_key="/etc/wireless/linux_laptop.p12"
        private_key_passwd="pA55w0rD"
}

The "identity" field should match the common name on the client certificate and the user we set up in FreeRADIUS' users file. Restart wpa_supplicant and connect to the network.

More Wireless

Featured Sponsors



Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Top Performing Routers

AC3200
AC2600
AC1900
AC1750
AC1200

Top Performing NASes

NoRAID
RAID1
RAID5

Over In The Forums

Hi Folks, So I've also been having issues with the 5ghz radio failing on my RT-AC87U. My thermals are fine well within the acceptable range, but reg...
Hi. I know the default cpu/ram is 600,300,150. I just feel the router is a bit on the hot side so i am considering underclocking the router. Based...
https://www.measurementlab.net/tools/ndt/ This is google's stuff - and a link to a github so one can implement on the LAN side...
View attachment 6674 ​ Austin, TX, June 29, 2016 – Wi-Fi Alliance® is expanding Wi-Fi CERTIFIED™ ac to include new features that provide a highe...
I enabled OpenVPN server, installed the openVPN client (win10) - grabbed the config file (I had to edit it to include my public IP address, for some r...

Don't Miss These

  • 1
  • 2
  • 3