How To Set Up A Wireless Ne..

How To Set Up A Wireless Network Using WPA/WPA2 With Radius Au... http://www.howtoforge.com/how-to-set-up-a-wireless-network-using-w...
Syndicate
HowtoForge Feed for Facebook®

"Facebook" is a registered trademark of Facebook, Inc. All rights reserved.
English | Deutsch | Site Map/RSS Feeds | Advertise
You are here: Home » How To Set Up A Wireless Network Using WPA/WPA2 With Radius Authentication With CIITIX-WiFi » How
To Set Up A Wireless Network Using WPA/WPA2 With Radius Authentication With CIITIX-WiFi - Page 2
How To Set Up A Wireless Network Using WPA/WPA2 With Radius Authentication

With CIITIX-WiFi - Page 2
Do you like HowtoForge? Please consider supporting us by becoming a

subscriber.
Submitted by lashfay (Contact Author) (Forums) on Mon, 2010-09-20
Remote Access Server Current News on Virtua 18:14. ::
At this point your new radius authentication server
Leverage ODE Why not use a free BPMS? Wit
is installed and will now restart and boot. After the
Mikrotik Wireless product StarGate wireless s reboot is complete will find out the machine's IP
address so we can administer it.
15) After it has rebooted, log into the machine with username
root and password you created before.
4 of 15 11/1/2010 1:20 PM
16) Now click on JWM > Terminal you will see a black box appear, in that type
ifconfig
Then hit enter. It will display the status of all network cards on the system. Mine is called eth0 with an IP
address of 192.168.0.15 as in the picture. Your IP will be different. Look for inet addr:
5 of 15 11/1/2010 1:20 PM
Administration of the system is done through a web page. Some users will want to enable this page to be
viewed over the local network. By default it is not done, meaning you need physical access to the machine it is
running on to add users etc. If you Don't want to enable remote viewing of the web interface skip this section.
All we need to do is edit one text file and change one parameter. If you know how to edit this file change line
290 to read:
Allow from all
The file is located in /etc/apache2/apache2.conf. We need to obtain a program called WinSCP and install it
on a Windows based PC. This program is like a remote file explorer for a Linux based system. Download and
install it from http://winscp.net/eng/download.php. After you have this program installed run it and follow these
steps:
A) Click NEW.
B) Fill out the details:
6 of 15 11/1/2010 1:20 PM
host name = ip address of the machine
user name = root
password = the password you created before
C) Click Save.
D) Now click Login.
E) Double click on the two dots ( ..) at the top of the directory listing:
Mail Server Anti-Spam

Anti Spam Gateway for Mail Servers.
Try it for Free!
AntiSpam.byteplant.com
F) Now double click on the following in this order:
etc
apache2
apache2.conf
G) It will now open up the apache2.conf file for editing. Go right to the bottom of the file to line 290 and
make it read:
7 of 15 11/1/2010 1:20 PM
Allow from all
Click the disk icon on the top left to save it and now close that window.
H) Now in WinSCP go to Commands > open terminal (or Crtl+T does the same thing) and copy and paste the
following command, then hit execute:
/etc/init.d/apache2 restart
This will restart the web server and re read the file we just edited and all access to the web interface from the
local network.
I) Using your web browser point it to the IP address if your machine. Replace 192.168.0.15 with your IP
address.
192.168.0.15/daloradius
You will be greeted with the login page. The username is administrator and password is radius. If you have
enabled the web administration on the local network you will want to change this password. If you enter
something incorrect you will get this error:
8 of 15 11/1/2010 1:20 PM
The following will set up a single user and NAS device.
17) Go to management > user > new user and enter a username and password of your choice. Make sure to
select Cleartext-Password as the type. After you're done, click Apply.
18) Go to Management > NAS > new NAS.
A) Enter the IP address of your access point or router, in this case it's 192.168.0.1
B) Create a password in NAS Secret.
C) NAS Type = other (unless your using a Cisco AP choose other).
9 of 15 11/1/2010 1:20 PM
D) Create a short NAS name, in this case I chose dlinkap:
Now we're done here, we need to log into the access point / router and make it use the new authentication
server.
The following screenshots used here are from a D-Link DAP-1150 access point. Practically all access points are
the same, you will need to find where yours keeps these settings. What we need to do is make it use WPA or
WPA2 enterprise and specify the radius server, that's it. The radius server IP is the IP address of the
CIITIX-WiFi server and the port is always 1812 and the shared secret is the password you created when we
were adding a NAS device.
10 of 15 11/1/2010 1:20 PM
The only thing left is to get a copy of the certificates that our workstation will use to log on. Using WinSCP
navigate to
/etc/freeradius/certs/client-certificates
You will see two file in there. Copy these to your desktop, you can drag and drop these from WinSCP. It makes
good sense to copy these to a USB flash drive for ease of installation on other PC's. Check out previous steps on
where to get and how to use WinSCP.
With Windows 7 you can double click on one of these certificates and an installation wizard will appear to guide
you.
11 of 15 11/1/2010 1:20 PM
Make sure you specify to install them in trusted root certificates the same goes for windows XP, Vista.
Now upon trying to connect to the wireless network you will be prompted for a password. Enter the username
and password you created in the 'users' section in the web management and that's it. The password for the
certificate when installing is ciitixwifi your done!
A quick guide is:
1) On the workstation double click on the ca certificate > click open > click install certificate >
click next > choose place all in following store > click browse > click trusted root
certification > click ok > click next > finish:
2) Double click on server certificate > click next > click next > enter password ciitixwifi >
click next > place all in following store > browse > trusted root ca > ok > next > finish.
That's it. When you try to connect to the WiFi network it will use the certificate automatically and ask for a user
name and password as pictured below.
12 of 15 11/1/2010 1:20 PM
Windows might complain upon the first time using the certificate. This is normal and it won't ask you gain after
the first time. Its because its a self signed certificate from your CIITIX-WiFi server. Iphone and Ipad devices
will automatically obtain the certificates from the server. You do not need to install these manually. Linux users
will need to Install the certificates, there are many flavours of Linux, but some distros such as Linux Mint which
is Ubuntu based can install the certificates by double clicking on them. Again a wizard appears to guide you.
Other devices which are run an embedded OS such as the Nintendo Wii for example may not be compatible with
Enterprise Authentication.
previous up
How To Set Up A Wireless Network Using
WPA/WPA2 With Radius Authentication With
CIITIX-WiFi
Copyright © 2010 David

All Rights Reserved.
add comment | view as pdf | print: this | all page(s) |
Please do not use the comment function to ask for help! If you need help, please use our forum.
Comments will be published after administrator approval.
13 of 15 11/1/2010 1:20 PM
password
Submitted by dan (not registered) on Thu, 2010-09-23 06:37.
after enabling the web interface where can I change the administrator password ?
reply | view as pdf
Re: password
Submitted by awan (registered user) on Fri, 2010-09-24 10:59.
Login to the Web Interface (I hope u know the default passwd)
Go to
"Config" -> "Maintenance
Click on "List operators"
You should see the administrator user.
Click on it & on prompt change/enter the new password.
reply | view as pdf
Sponsored Links: Turn your desk phone and mobile phone into one with Sprint Mobile Integration.
www.seamlessenterprise.com
One number. One voicemail. Seize the lead. Sprint Mobile Integration.
One Number. One Voicemail.

Make it easier for clients to reach you. Turn your desk phone and mobile phone into one with Sprint Mobile Integration.
One number. One voicemail. Sprint Mobile Integration.

One number. one voicemail. Seize the lead with Sprint. Learn more
AT&T Synaptic Compute as a Service. Boost your power on demand.
Trial: IBM Cognos Express Reporting, Analysis & Planning
Learn benefits of Simpana software.

View the Gartner Video
Sprint 4G - The Ultimate Mobile Broadband

Click here
SAP-Business Objects Crystal Reports Server

Complete reporting without hidden costs. Free Trial
Howtos | Mini-Howtos | Forums | News | Search | Contribute | Subscription

Site Map/RSS Feeds | Advertise | Contact | Disclaimer | Imprint
14 of 15 11/1/2010 1:20 PM
Copyright © 2010 HowtoForge - Linux Howtos and Tutorials

All Rights Reserved.
15 of 15 11/1/2010 1:20 PM

How To Set Up A Wireless Ne..

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

How To Set Up A Wireless Ne..

Uploaded by

Copyright:

Available Formats

How To Set Up A Wireless Network Using WPA/WPA2 With Radius Au... http://www.howtoforge.com/how-to-set-up-a-wireless-network-using-w...

HowtoForge Feed for Facebook®

English | Deutsch | Site Map/RSS Feeds | Advertise

How To Set Up A Wireless Network Using WPA/WPA2 With Radius Authentication

Do you like HowtoForge? Please consider supporting us by becoming a

Allow from all

B) Fill out the details:

host name = ip address of the machine

user name = root

password = the password you created before

D) Now click Login.

Mail Server Anti-Spam

F) Now double click on the following in this order:

Allow from all

The following will set up a single user and NAS device.

18) Go to Management > NAS > new NAS.

B) Create a password in NAS Secret.

C) NAS Type = other (unless your using a Cisco AP choose other).

D) Create a short NAS name, in this case I chose dlinkap:

A quick guide is:

Copyright © 2010 David

add comment | view as pdf | print: this | all page(s) |

Login to the Web Interface (I hope u know the default passwd)

"Config" -> "Maintenance

Click on "List operators"

You should see the administrator user.

Click on it & on prompt change/enter the new password.

reply | view as pdf

One Number. One Voicemail.

One number. One voicemail. Sprint Mobile Integration.

AT&T Synaptic Compute as a Service. Boost your power on demand.

Trial: IBM Cognos Express Reporting, Analysis & Planning

Learn benefits of Simpana software.

Sprint 4G - The Ultimate Mobile Broadband

SAP-Business Objects Crystal Reports Server

Howtos | Mini-Howtos | Forums | News | Search | Contribute | Subscription

Copyright © 2010 HowtoForge - Linux Howtos and Tutorials

You might also like