hostapd for authentication of win wifi clients
Bob Beers
bbeers
Tue Jul 27 13:14:41 PDT 2004
Bob Beers wrote:
>
>
>
> I'll try it again with Auth-Type := EAP, and post the results.
>
Ok, so it is authenticating now! And giving out IP addresses
via dhcpd on the hostap AP.
Summarizing:
For username/password authentication and dynamic WEP keying
of winXP wifi clients via hostapd, 802.1x and remote radiusd
server.
1) configure hostapd.conf (I'm using hostap 0.2.4) thus:
bash-2.05# cat /etc/hostapd.conf | grep = | grep -v ^#
interface=wlan0
logger_syslog=-1
logger_syslog_level=2
logger_stdout=-1
logger_stdout_level=2
debug=2
dump_file=/tmp/hostapd.dump
daemonize=1
ssid=dugtrio
macaddr_acl=0
auth_algs=1
ieee8021x=1
eap_message=helloBob
wep_key_len_broadcast=5
wep_key_len_unicast=5
wep_rekey_period=300
eapol_key_index_workaround=0
own_ip_addr=172.16.87.23
auth_server_addr=172.16.87.12
auth_server_port=1812
auth_server_shared_secret=testing123
acct_server_addr=172.16.87.12
acct_server_port=1813
acct_server_shared_secret=testing123
bash-2.05#
2)
a)configure radiusd.conf (freeRadius 1.0.0-pre3) to allow eap in the
authorize and authenticate sections,
b)build a bunch of certificates ( for the TLS section )
c)configure eap.conf (uncomment and modify the lines in the tls and peap and
mschapv2 sections.
d)configure user(s), for example:
bob Auth-Type := EAP, User-Password == "bob"
Reply-Message = "Hello, %u"
Now, I want to tie this in to a postgreSQL database vs. the users file ...
Thanks for the feedback
-Bob
--
Bob Beers
MIEEE 2415966
More information about the Hostap
mailing list