How to enable WPA2 Enterprise with snapshots

I have checked history discussions about WPA2 Enterprise, and tried without success. The latest snapshot is what I was using, tried with wpad (full) and hostapd-openssl as alternative, but none of them succeeded.

The freeradius service 192.168.1.3 is up and running with another host in the local network.

config wifi-iface 'enterprise_radio0'
       option device 'radio0'
       option network 'lan'
       option mode 'ap'
       option ssid 'NETGEAR06-ENT'
       option encryption 'wpa2'
       option server '192.168.1.3'
       option key 'testing123'

The above is my configuration. After wifi down & wifi up, the other ssid associated with the radio0 also disappeared, and the enterprise version was not appeared neither.

Not sure what went wrong. Can anyone help me with this? If any further info is needed, I will get back to you ASAP.

In my 19.07.7 I have set
options auth_server, auth_secret, auth_port, and encryption is set to wpa2+ccmp:

option auth_server '191.167.78.51'                                                               
option mode 'ap'                                                          
option auth_port '1812'                                                   
option auth_secret 'XXXX'
option encryption 'wpa2+ccmp'

Just tested with your suggestion, but unfortunately it didn't work.

Edit: I have removed the wpad-basic-wolfssl package and installed wpad (full).

What does "it didn't work" mean in detail ?
Does the wifi radio not come up, or is authentication not successful ?
In case 1 check the system log and maybe increase the log level, then repeat restrting wifi
In case 2 use freeradius debugging ( -X parameter, described in freeradius documentation)

It seems to be the case 1, the logread showed something like this:

Mon Apr  5 02:01:27 2021 daemon.notice hostapd: Configuration file: /var/run/hostapd-phy1.conf (phy wlan1) --> new PHY
Mon Apr  5 02:01:27 2021 daemon.notice hostapd: wlan1: interface state UNINITIALIZED->COUNTRY_UPDATE
Mon Apr  5 02:01:28 2021 kern.info kernel: [12216.117302] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
Mon Apr  5 02:01:28 2021 daemon.notice hostapd: Configuration file: /var/run/hostapd-phy0.conf (phy wlan0) --> new PHY
Mon Apr  5 02:01:28 2021 daemon.err hostapd: Line 68: unknown configuration item 'auth_server_addr'
Mon Apr  5 02:01:28 2021 daemon.err hostapd: Line 69: unknown configuration item 'auth_server_port'
Mon Apr  5 02:01:28 2021 daemon.err hostapd: Line 70: unknown configuration item 'auth_server_shared_secret'
Mon Apr  5 02:01:28 2021 daemon.err hostapd: Invalid IEEE 802.1X configuration (no EAP authenticator configured).
Mon Apr  5 02:01:28 2021 daemon.err hostapd: 4 errors found in configuration file '/var/run/hostapd-phy0.conf'
Mon Apr  5 02:01:28 2021 daemon.err hostapd: Failed to set up interface with /var/run/hostapd-phy0.conf
Mon Apr  5 02:01:28 2021 daemon.notice netifd: radio0 (6609): Command failed: Invalid argument

Is it some kind of conflict between wpad and hostapd? Not sure if it's related, the first unsuccessful attempt showed hostapd is the hinder of installing wpad.

Edit: Currently opkg list-installed showed that hostapd-common is in the list.

BTW, my AP is mt7621 (D-Link DIR-860L B1), hope it's not the limitation of the hardware that's the problem.

In addition, try to install hostapd

I think you need wpad-openssl or wpad-wolfssl as the description says "This package contains a full featured IEEE 802.1x/WPA/EAP/RADIUS…". hostapd is part of it. In LuCi you should be able to select the wpa2-eap. Of course you also need to set up a radius server on your netwerk (optionally on the same router).

image810×442 17.5 KB

Everyone, thanks for your kind help.

Just installed wpad-wolfssl and rebooted the router, the WPA2 Enterprise finally works.

If your problem is solved, please consider marking this topic as [Solved]. See How to mark a topic as [Solved] for a short how-to.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.