Router Charts

Router Charts

Router Ranker

Router Ranker

Router Chooser

Router Chooser

NAS Charts

NAS Charts

NAS Ranker

NAS Ranker

More Tools

More Tools

Wireless How To

Configuring the Router

I used a D-Link DGL-4300 [reviewed], so your setup pages may differ. Open up your wireless router or AP's wireless configuration section and find the Wireless Security settings. Change the security mode to WPA-Enterprise or WPA2-Enterprise mode, add the RADIUS server's IP address and the shared secret (Figures 1 and 2).

Selecting WPA-Enterprise mode
Click to enlarge image

Figure 1: Selecting WPA-Enterprise mode

EAP Configuration
Click to enlarge image

Figure 2: EAP Configuration

Configuring a Linux Client

Connecting a Linux client using WPA or WPA2 security requires wpa_supplicant. Configure wpa_supplicant with the following options set in ".config" file in addition to the drivers and interfaces you need for your setup:

CONFIG_IEEE8021X_EAPOL=y
CONFIG_EAP_TLS=y
CONFIG_PKCS12=y
#Make sure to include any other options you need as well

Re-compile and re-install wpa_supplicant. Now create a folder on the Linux client to house the client public and private keys (PKCS#12 file) and the CA certificate. In my case, I set it up in /etc/wireless.

Next edit "wpa_supplicant.conf" and add a section similar to the following, to point to your new WPA2-Enterprise setup.

# WPA2-EAP/AES using EAP-TLS
network={
        ssid="smallnetbuilder"
        key_mgmt=WPA-EAP
        eap=TLS
        identity="linux_laptop"
        ca_cert="/etc/wireless/cacert.pem"
        private_key="/etc/wireless/linux_laptop.p12"
        private_key_passwd="pA55w0rD"
}

The "identity" field should match the common name on the client certificate and the user we set up in FreeRADIUS' users file. Restart wpa_supplicant and connect to the network.

Amazon Top-Selling Wireless Routers

More Wireless

Featured Sponsors

Top Performing Routers

AC3200
AC2350
AC1900
AC1750
AC1200

Top Performing NASes

NoRAID
RAID1
RAID5

Over In The Forums

It seems that the invocation for the lld2d daemon in rc is off; it will only start for the P/R/W models. There is a check in start_lltp() which fails...
Hi, I am using an AC87U with newest version 55.0. Is there currently a rule how to generate ca and keys, given the fact that there are newer openSSL v...
Got a Linksys WRT1900AC over the weekend - so far so good on the network front. Easy setup & speedy connections. The major reason I need the attached...
I have a 105 mbps internet connection going into my current generation Airport Extreme which sits on the first floor of my house. I currently have no...
There is new firmware 1.0.6.2 for the Cisco WAP321 wireless units. I just upgraded my 3 units. Simple upgrade no problems.

Don't Miss These

  • 1
  • 2
  • 3