i n t e l l i g e n t | w i r e l e s s | p l a t f o r m |
Appendix A: Configuration of the Radius Server
FreeRADIUS/WinXP Authentication Setup
This document describes how to build a FreeRADIUS server for TLS and PEAP authentication, and how to configure the Windows XP clients (supplicants). The server is configured for a home (or test) network.
Three papers have been written about TLS authentication with a FreeRADIUS server and are available at the following websites:
1)www.missl.cs.umd.edu/wireless/eaptls
2)www.freeradius.org/doc/EAPTLS.pdf
3)www.denobula.com
These papers provide an excellent background, but are somewhat out of date. Where appropriate, we will simply refer to these documents rather than repeating the information. We recommend that you follow the steps we give below rather than the steps in these documents.
If you follow this example, please make the needed changes to the names of the files. We installed the FreeRADIUS and OpenSSL files in special local directories. This ensures that there is no interaction between the base Linux files and the new files. It also allows you to easily remove all of the newly installed files.
The FreeRADIUS and OpenSSL snapshots used in constructing the server are beta software.
1. Download and Install OpenSSL and FreeRADIUS
The first step is to download and install the latest snapshot versions of OpenSSL and FreeRADIUS.
a. OpenSSL
»ftp://ftp.openssl.org/snapshot/
Then We used the following nine steps:
mkdir
gunzip
./config shared
make install
That completes the work with OpenSSL, except for building the required certificates.
When you perform the config, make, and
airPoint™ Nexus User Configuration Guide | Page 44 of 55 |
|
