Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

Wireless How To

Configuring the Router

I used a D-Link DGL-4300 [reviewed], so your setup pages may differ. Open up your wireless router or AP's wireless configuration section and find the Wireless Security settings. Change the security mode to WPA-Enterprise or WPA2-Enterprise mode, add the RADIUS server's IP address and the shared secret (Figures 1 and 2).

Selecting WPA-Enterprise mode
Click to enlarge image

Figure 1: Selecting WPA-Enterprise mode

EAP Configuration
Click to enlarge image

Figure 2: EAP Configuration

Configuring a Linux Client

Connecting a Linux client using WPA or WPA2 security requires wpa_supplicant. Configure wpa_supplicant with the following options set in ".config" file in addition to the drivers and interfaces you need for your setup:

CONFIG_IEEE8021X_EAPOL=y
CONFIG_EAP_TLS=y
CONFIG_PKCS12=y
#Make sure to include any other options you need as well

Re-compile and re-install wpa_supplicant. Now create a folder on the Linux client to house the client public and private keys (PKCS#12 file) and the CA certificate. In my case, I set it up in /etc/wireless.

Next edit "wpa_supplicant.conf" and add a section similar to the following, to point to your new WPA2-Enterprise setup.

# WPA2-EAP/AES using EAP-TLS
network={
        ssid="smallnetbuilder"
        key_mgmt=WPA-EAP
        eap=TLS
        identity="linux_laptop"
        ca_cert="/etc/wireless/cacert.pem"
        private_key="/etc/wireless/linux_laptop.p12"
        private_key_passwd="pA55w0rD"
}

The "identity" field should match the common name on the client certificate and the user we set up in FreeRADIUS' users file. Restart wpa_supplicant and connect to the network.

More Wireless

Wi-Fi System Tools
Check out the new Wi-Fi System Charts, Ranker and Finder!

Featured Sponsors


Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

Hi,I have n rt-n66u running firmware "3.0.0.4.374.43_27E5j9527" of Johns.I have recently upgraded my broadband to 300mbps, however it seems the N66U i...
I run RT-N66U with the newest 3.68_2 firmware.Since 3.68 I have had an issue with DNS-based Filtering.I run my traffic through OpenDNS with the DNS-se...
​ There's a better way to get WiFi Everywhere™.Read on SmallNetBuilder
View attachment 10496​ Synology unveiled five new NASes, targeting businesses (DS3018xs), media professionals (DS918+, DS718+ and DS218+), and value ...
I have a new RT-AC66U-B1 flashed to Asuswrt-Merlin v380.68_2 which I would like to overclock to to eke out a bit more performance with openvpn. I have...

Don't Miss These

  • 1
  • 2
  • 3
Get Backblaze Now!