Tip / Sign in to post questions, reply, level up, and achieve exciting badges. Know more

cross mob

Linux Enterprise Security Demo

Linux Enterprise Security Demo

Aditi_B
Moderator
Moderator
Moderator
500 replies posted 5 questions asked 250 replies posted

Setup Enterprise Connection

WPA2-Enterprise Connection-

Client Side-

  1. Need a config file that establishes connection with the AP and the server.

The config file can be created and a sample wpa2_sup.conf is attached

wpa2_sup.png

  1. Execute the .conf file via the command - wpa_supplicant -Dnl80211 -iwlan0 -c wpa2_sup.conf


NAS/AP side-

  1. Put the AP in the WPA2-Enterprise mode (authentication mode).
  2. Provide the server’s IP address, server port as 1812, provide “connection secret (should be same on server and AP side)” that is shared between the server and the AP.
  3.  Set “Protected Management Frames” to “Capable” and “Group Key Rotation Interval” to “3600”.

 

 Note- These settings are not fixed. It can change as per the setup.

Server Side-

  1. Provide “Username” and “Password”. (Usually in the server directory, there is a “users” file where these parameters are defined. The name of the file may be different as per the setup.)
  2. Provide the “IP address of the NAS/AP” and the “connection secret” in “clients.conf” file.
  3. Provide the certificates in the “certs” directory.
  4. Start the server and check if everything works fine by “freeradius -X” or “radiusd -X”

Note – The file names and commands can vary. Please check as per your setup.

0 Likes
236 Views