Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

Wireless How To

Configuring the Router

I used a D-Link DGL-4300 [reviewed], so your setup pages may differ. Open up your wireless router or AP's wireless configuration section and find the Wireless Security settings. Change the security mode to WPA-Enterprise or WPA2-Enterprise mode, add the RADIUS server's IP address and the shared secret (Figures 1 and 2).

Selecting WPA-Enterprise mode
Click to enlarge image

Figure 1: Selecting WPA-Enterprise mode

EAP Configuration
Click to enlarge image

Figure 2: EAP Configuration

Configuring a Linux Client

Connecting a Linux client using WPA or WPA2 security requires wpa_supplicant. Configure wpa_supplicant with the following options set in ".config" file in addition to the drivers and interfaces you need for your setup:

CONFIG_IEEE8021X_EAPOL=y
CONFIG_EAP_TLS=y
CONFIG_PKCS12=y
#Make sure to include any other options you need as well

Re-compile and re-install wpa_supplicant. Now create a folder on the Linux client to house the client public and private keys (PKCS#12 file) and the CA certificate. In my case, I set it up in /etc/wireless.

Next edit "wpa_supplicant.conf" and add a section similar to the following, to point to your new WPA2-Enterprise setup.

# WPA2-EAP/AES using EAP-TLS
network={
        ssid="smallnetbuilder"
        key_mgmt=WPA-EAP
        eap=TLS
        identity="linux_laptop"
        ca_cert="/etc/wireless/cacert.pem"
        private_key="/etc/wireless/linux_laptop.p12"
        private_key_passwd="pA55w0rD"
}

The "identity" field should match the common name on the client certificate and the user we set up in FreeRADIUS' users file. Restart wpa_supplicant and connect to the network.

More Wireless

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

I just got a new Asus router and I installed Merlin and Diversion and so far it's looking amazing, big props to the developers.Anyway, stock Asus only...
Hi, Brand new RT-AC86U to upgrade from RT-AC66U. I put the most recent Merlin firmware on it (not Beta). I connect directly to the ONT (no Centurylink...
Hi,I'm about to setup a Xioami button that upon click should enable disable a VPN Client on the router settings. I use an IPTV server that at times ge...
Hi Guys,I have problem with my rt-ac86u it's bricked during update. I tried use tools to recover firmware for mac and windows but still nothing.Ok so ...
I'm still currently on AsusWRT Merlin 384.13 and trying to do a firmware upgrade to 384.19. I've downloaded the .trx file and tried updating the firmw...

Don't Miss These

  • 1
  • 2
  • 3