Topic: wpa+radius on openwrt

The content of this topic has been archived on 4 Aug 2017. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Page 1 of 1

Post #1

vanvan

21 Mar 2005, 10:14

hi,

I'm just wondering if openwrt can be used for wpa + radius...

So far, I've been successfully implemented wpa-psk as written in the faq..

But when I try wpa+radius, windows xp always complain about cannot find certificate to log on to my network ..

I've observed that there are traffics on my wifi interface when I try to login to my network, but I didn't see any traffics at my wan interface to my network..

I'd set the following :

security_mode=radius
wl0_auth_mode=radius
wl0_radius_ipaddr=<my radius server ip>
wl0_radius_key=<my radius secret>
wl0_radius_port=<my radius port>

Is there anyone out there that has been successfully implemented wap+radius on their wrt54g using openwrt?

Any thought and response would be greatly appreciated..

Thanks...

Post #2

bwkaz2

21 Mar 2005, 12:56

What are you using for 802.1x in your RADIUS setup?

I have a WPA/RADIUS setup, with the WRT box authenticating against FreeRADIUS. I'm using EAP/TLS (client certificates).

I had to specifically go in and generate a client certificate for each client, then install them on the clients (including the associated private keys, of course). Have you done that? (Or do you even want to use EAP/TLS for your authentication?)

Post #3

marcosmas

21 Mar 2005, 13:04

You must run the nas binary with the following options (Please FIX ME):

/usr/sbin/nas -P /tmp/nas.pid -l br0 -H 34954 -i eth1 -A -m 1 -k RADIUS_SECRET -s SSID -w 2 -g 3600 -h RADIUS_IP -p RADIUS_PORT

Options meaning (AGAIN FIXME):

-P PID file

-l local interface

-H I don't know

-i wireless interface

-m encryption
{0=WEP
1=WPA-RADIUS
2=WPA-PSK}

-k RADIUS_SECRET

-s SSID

-w algorithm
{1=WEP
2=TKIP
4=AES}

-g key renewal time

-h RADIUS_IP

-p RADIUS_PORT

I think you must set properly the nvram too.

I would appreciate if you post your results, thanks

Post #4

marcosmas

21 Mar 2005, 13:08

What are you using for 802.1x in your RADIUS setup?
I have a WPA/RADIUS setup, with the WRT box authenticating against FreeRADIUS. I'm using EAP/TLS (client certificates).

Can you help with configuration of the FreeRADIUS?
What kind of client are you using? (xsupplicant, native winXP, etc)
Thanks

Post #5

emilus

22 Mar 2005, 10:59

This is good point to start
http://tldp.org/HOWTO/html_single/8021X-HOWTO/#AEN632
and
http://text.dslreports.com/forum/remark … ~mode=flat
If you use EAP-TLS you need client certificate...
Try to use EAP-TTLS without client certificate.

The discussion might have continued from here.

Page 1 of 1