hostapd for authentication of win wifi clients

Bob Beers bbeers
Tue Jul 27 13:14:41 PDT 2004



Bob Beers wrote:
> 
> 

> 
> I'll try it again with Auth-Type := EAP, and post the results.
> 


Ok, so it is authenticating now!  And giving out IP addresses
  via dhcpd on the hostap AP.

Summarizing:

For username/password authentication and dynamic WEP keying
  of winXP wifi clients via hostapd, 802.1x and remote radiusd
  server.

1) configure hostapd.conf (I'm using hostap 0.2.4) thus:

bash-2.05# cat /etc/hostapd.conf | grep = | grep -v ^#
interface=wlan0
logger_syslog=-1
logger_syslog_level=2
logger_stdout=-1
logger_stdout_level=2
debug=2
dump_file=/tmp/hostapd.dump
daemonize=1
ssid=dugtrio
macaddr_acl=0
auth_algs=1
ieee8021x=1
eap_message=helloBob
wep_key_len_broadcast=5
wep_key_len_unicast=5
wep_rekey_period=300
eapol_key_index_workaround=0
own_ip_addr=172.16.87.23
auth_server_addr=172.16.87.12
auth_server_port=1812
auth_server_shared_secret=testing123
acct_server_addr=172.16.87.12
acct_server_port=1813
acct_server_shared_secret=testing123
bash-2.05#

2)
  a)configure radiusd.conf (freeRadius 1.0.0-pre3) to allow eap in the
     authorize and authenticate sections,
  b)build a bunch of certificates ( for the TLS section )
  c)configure eap.conf (uncomment and modify the lines in the tls and peap and
    mschapv2 sections.
  d)configure user(s), for example:

bob     Auth-Type := EAP, User-Password == "bob"
         Reply-Message = "Hello, %u"


Now, I want to tie this in to a postgreSQL database vs. the users file ...


Thanks for the feedback

-Bob

-- 
Bob Beers
MIEEE 2415966





More information about the Hostap mailing list