1 / 15

RADIUS Secured and Authenticated WiFi

RADIUS Secured and Authenticated WiFi. Robert Leahy Charles Bodman Brandon Ellis. Setup. D-Link DIR-825 Wireless Access Point, Hardware Revision B1, Firmware Version 2.03NA Tablet running Windows 7 ( WiFi client) Server ( VMWare Workstation) running CentOS 5.5 x64 and FreeRADIUS 2.

rumer
Download Presentation

RADIUS Secured and Authenticated WiFi

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. RADIUS Secured andAuthenticated WiFi Robert Leahy Charles Bodman Brandon Ellis

  2. Setup • D-Link DIR-825 Wireless Access Point, Hardware Revision B1, Firmware Version 2.03NA • Tablet running Windows 7 (WiFi client) • Server (VMWare Workstation) running CentOS 5.5 x64 and FreeRADIUS 2

  3. Configuration Your FreeRADIUS 2 installation must be configured to use EAP. You must generate certificates for the server (ideally these would be trusted and signed, but self-signed can be used if you either bypass server authentication (bad) or install the certificate for the server on all clients (inconvenient)). You must configure a secret for the access point, and setup a user account.

  4. Configuration User account is created in /etc/raddb/users

  5. Configuration Secret is setup in /etc/raddb/clients.conf

  6. Configuration AP must be set to use WPA-Enterprise, and secret/server IP must be entered:

  7. Configuration In order to set Windows up to use WPA-Enterprise – unless you’re logging on with domain credentials with a properly-signed certificate (we’re not) – you have to do some fiddling. To get to these options, you right-click your wireless network and go to Properties.

  8. Configuration This is your first stop. In here you setup your security type (discussed earlier) and encryption type (if your router is setup to use both, choose either). You need to select PEAP (if it’s not already), and then go into Settings…

  9. Configuration …in here you need to turn of validation of the server certificate (since it’s self-signed and we’re not installing it as trusted). You then need to hit Configure and turn off automatically using Windows credentials…

  10. Configuration …once this is done we can go back to the first menu and go into Advanced Settings…

  11. Configuration …here we need to Replace Credentials and enter our WiFi credentials, and then we can connect!

  12. Connecting With configuration done, we just click Connect on the network as per usual.

  13. Connecting We can monitor the RADIUS operation by running FreeRADIUS (radiusd) with the -X switch

  14. Advantages of RADIUS In a typical WiFi network – using a pre-shared key (PSK) – the network is secure against others, but each person on the network is not secure against the others due to the shared nature of the key. RADIUS authentication obviates this issue, by providing per user authentication, and per user encryption.

More Related