• View
• Edit
• History
• Print
• Backlinks

Wireless-Linux

LINUX RADIUS CLIENT CONFIGURATION

The installation is as follows and you should have administrative privileges.

1.  Configuration with NetworkManager

Many desktop linux installations (CentOS, Debian, Fedora, Ubuntu, etc) use NetworkManager to control wireless network access.

• The server certificate has to be installed in your computer. To begin, download this certificate.
• Navigate to:
  • System --> Preferences --> Network Connections
• Click the "Wireless" tab.
• Click the "Add" button
  
• Use the following settings:
  • Under the "Wireless" tab:
  • Connection name: Acad Connection (This can actually be anything you want)
  • SSID: acad
  • Mode: Infrastructure
    
• Under the "Wireless Security" tab:
  • Security: Dynamic WEP (802.1x)
  • Authentication: Tunneled TLS
  • Anonymous Identity: anonymous
  • CA Certificate: root.der (the certificate you downloaded above)
  • Inner Authentication: PAP
  • User Name: YOUR_UNIX_LOGIN
  • Password: YOUR_UNIX_PASSWORD
    

2.  Manual configuration using xsupplicant

2.1 Download the XSupplicant

The XSupplicant can be downloaded from local server or from the XSuplicant web page.

2.2 Decompress the file and execute

# tar –zxvf <FILE>

# cp etc/ttls-example /etc/xsupplicant.conf
# ./configure
# make
# make install

The executable you want to use should be located in /usr/local/sbin/xsupplicant

2.3 Set up a configuration file

A configuration file has to be set up, depending on your account. It should look like:

# cat /etc/xsupplicant.conf
  # File xsupplicant.conf
  network_list = all 

  default_netname = NETWORK_SSID

  startup_command = <BEGIN_COMMAND>echo "some command"<END_COMMAND>

  # The next command is executed after the authentication. Since the router blocks the connection until authenticated,
  # you'll need you run your system DHCP client to obtain a valid IP address after the authentication process

  first_auth_command = <BEGIN_COMMAND>dhclient -cf /etc/dhclient.conf %i<END_COMMAND>
  reauth_command = <BEGIN_COMMAND>echo "authenticated user %i"<END_COMMAND>
  logfile = /var/log/xsupplicant.log

  NETWORK_SSID

  {
    # type: the type of this network. wired or wireless, if this value is not
    # set, xsupplicant will attempt to determine if the interface is wired or
    # wireless.  In general, you should only need to define this when
    # xsupplicant incorrectly identifies your network interface.
    #type = wireless

    allow_types = all
    identity = <BEGIN_ID>anonymous<END_ID>
    eap-ttls {
        # As in tls, define either a root certificate or a directory
        # containing root certificates.

        root_cert = NONE
        # root_dir = /path/to/root/certificate/dir
        # crl_dir = /path/to/dir/with/crl

        chunk_size = 1398
        phase2_type = pap
        pap { 

          username = <BEGIN_UNAME>unix_user_name<END_UNAME>
          password = <BEGIN_PASS>unix_password<END_PASS> 
        }
    }
  }

• The value NETWORK_SSID should take is:
  acad
• The unix_user_name and unix_password correspond to your account name and password respectively.
• Now the wireless interface has to be setup: (Assuming your wireless adapter is eth1)

# iwconfig eth1 essid “NETWORK_SSID”
# ifconfig eth1 up

Start xsupplicant and check event log: # xsupplicant –I eth1 –dasic -f

3.  Test your connection

• After the authentication, your system should get a valid IP address and you are ready to go!
• Or you can open Firefox and see if you can access the internet. Use the Help Request System if you have trouble.