IEEE 802.11x mit Radius (WPA(2), TLS, Radius)

IEEE 802.11x mit Radius (WPA(2), TLS, Radius)

Access Point

/etc/config/wireless

# Examples for encryption:
# psk-mixed/tkip        => WPA1+2 PSK, TKIP
# wpa-psk2/tkip+aes     => WPA2 PSK, CCMP+TKIP
# wpa2/tkip+aes         => WPA2 RADIUS, CCMP+TKIP
config 'wifi-iface' 'private'
	option 'device' 'wifi0'
	option 'network' 'ap2'
	option 'mode' 'ap'
	option 'isolate' '1'
	option 'ssid' 'My SSID'
	option 'hidden' '0'
	option 'encryption' 'wpa2/tkip+aes'
	option 'key' 'Radius Shared Key'
	option 'server' 'Radius IP'
	option 'nasid' 'other'
	option 'port' '1812'

don't start chilli, use nodogsplash
start dhcpd listening on ath1 and/or ath2

WPA-PEAP

Radius Server

radius:

select * from radcheck where username="MyUSERNAME"\G
 username: MyUSERNAME
 attribute: User-Password
        op: ==
     value: MyPASSWORD

Client (Notebook)

wpa_supplicant.conf

network={
  ssid="My SSID'"
  scan_ssid=1
  key_mgmt="WAP_EAP"
  eap="PEAP"
  identity="MyUSERNAME"
  password="MyPASSWORD"
  phase2="auth=PAP"
}

WPA-T(T)LS

Radius Server

radius:

select * from radcheck where username="MyUSERNAME"\G
 Empty set

Client (Notebook)

wpa_supplicant.conf

network={
  ssid="My SSID'"
  scan_ssid=1
  key_mgmt="WAP-EAP"
  eap="TLS"
  identity="MyUSERNAME"
  client_cert="PATH_TO_client.pem"
  private_key="PATH_TO_client.key"
  private_key_password="PRIVATE_KEY_PASSWORD"
}

IEEE 802.11x mit Radius (WPA(2), TLS, Radius)

Access Point

WPA-PEAP

Radius Server

Client (Notebook)

WPA-T(T)LS

Radius Server

Client (Notebook)

Links

Ansichten

Navigation

Eigene Werkzeuge

Suche

Werkzeuge

Werbung