How to Set Up a Wireless Ne

Syndicate

HowtoForge Feed for Facebook®"Facebook" is a registered trademark of Facebook, Inc. All rights reserved.

English | Deutsch | Site Map/RSS Feeds | Advertise

You are here: Home » How To Set Up A Wireless Network Using WPA/WPA2 With Radius Authentication With CIITIX-WiFi » HowTo Set Up A Wireless Network Using WPA/WPA2 With Radius Authentication With CIITIX-WiFi - Page 2

How To Set Up A Wireless Network Using WPA/WPA2 With Radius AuthenticationWith CIITIX-WiFi - Page 2

Do you like HowtoForge? Please consider supporting us by becoming asubscriber.

Submitted by lashfay (Contact Author) (Forums) on Mon, 2010-09-2018:14. ::

At this point your new radius authentication serveris installed and will now restart and boot. After thereboot is complete will find out the machine's IPaddress so we can administer it.

15) After it has rebooted, log into the machine with usernameroot and password you created before.

Remote Access Server Current News on Virtua

Leverage ODE Why not use a free BPMS? Wit

Mikrotik Wireless product StarGate wireless s

How To Set Up A Wireless Network Using WPA/WPA2 With Radius Au... http://www.howtoforge.com/how-to-set-up-a-wireless-network-using-w...

4 of 15 11/1/2010 1:20 PM

16) Now click on JWM > Terminal you will see a black box appear, in that type

ifconfig

Then hit enter. It will display the status of all network cards on the system. Mine is called eth0 with an IP

address of 192.168.0.15 as in the picture. Your IP will be different. Look for inet addr:


5 of 15 11/1/2010 1:20 PM

Administration of the system is done through a web page. Some users will want to enable this page to beviewed over the local network. By default it is not done, meaning you need physical access to the machine it isrunning on to add users etc. If you Don't want to enable remote viewing of the web interface skip this section.

All we need to do is edit one text file and change one parameter. If you know how to edit this file change line

290 to read:

Allow from all

The file is located in /etc/apache2/apache2.conf. We need to obtain a program called WinSCP and install it

on a Windows based PC. This program is like a remote file explorer for a Linux based system. Download andinstall it from http://winscp.net/eng/download.php. After you have this program installed run it and follow thesesteps:

A) Click NEW.

B) Fill out the details:


6 of 15 11/1/2010 1:20 PM

host name = ip address of the machine

user name = root

password = the password you created before

C) Click Save.

D) Now click Login.

E) Double click on the two dots ( ..) at the top of the directory listing:

F) Now double click on the following in this order:

etc

apache2

apache2.conf

G) It will now open up the apache2.conf file for editing. Go right to the bottom of the file to line 290 and

make it read:

Mail Server Anti-SpamAnti Spam Gateway for Mail Servers.Try it for Free!AntiSpam.byteplant.com


7 of 15 11/1/2010 1:20 PM

Allow from all

Click the disk icon on the top left to save it and now close that window.

H) Now in WinSCP go to Commands > open terminal (or Crtl+T does the same thing) and copy and paste the

following command, then hit execute:

/etc/init.d/apache2 restart

This will restart the web server and re read the file we just edited and all access to the web interface from thelocal network.

I) Using your web browser point it to the IP address if your machine. Replace 192.168.0.15 with your IP

address.

192.168.0.15/daloradius

You will be greeted with the login page. The username is administrator and password is radius. If you have

enabled the web administration on the local network you will want to change this password. If you entersomething incorrect you will get this error:


8 of 15 11/1/2010 1:20 PM

The following will set up a single user and NAS device.

17) Go to management > user > new user and enter a username and password of your choice. Make sure to

select Cleartext-Password as the type. After you're done, click Apply.

18) Go to Management > NAS > new NAS.

A) Enter the IP address of your access point or router, in this case it's 192.168.0.1

B) Create a password in NAS Secret.

C) NAS Type = other (unless your using a Cisco AP choose other).


9 of 15 11/1/2010 1:20 PM

D) Create a short NAS name, in this case I chose dlinkap:

Now we're done here, we need to log into the access point / router and make it use the new authenticationserver.

The following screenshots used here are from a D-Link DAP-1150 access point. Practically all access points arethe same, you will need to find where yours keeps these settings. What we need to do is make it use WPA orWPA2 enterprise and specify the radius server, that's it. The radius server IP is the IP address of theCIITIX-WiFi server and the port is always 1812 and the shared secret is the password you created when wewere adding a NAS device.


10 of 15 11/1/2010 1:20 PM

The only thing left is to get a copy of the certificates that our workstation will use to log on. Using WinSCPnavigate to

/etc/freeradius/certs/client-certificates

You will see two file in there. Copy these to your desktop, you can drag and drop these from WinSCP. It makesgood sense to copy these to a USB flash drive for ease of installation on other PC's. Check out previous steps onwhere to get and how to use WinSCP.

With Windows 7 you can double click on one of these certificates and an installation wizard will appear to guideyou.


11 of 15 11/1/2010 1:20 PM

Make sure you specify to install them in trusted root certificates the same goes for windows XP, Vista.

Now upon trying to connect to the wireless network you will be prompted for a password. Enter the usernameand password you created in the 'users' section in the web management and that's it. The password for thecertificate when installing is ciitixwifi your done!

A quick guide is:

1) On the workstation double click on the ca certificate > click open > click install certificate >

click next > choose place all in following store > click browse > click trusted root

certification > click ok > click next > finish:

2) Double click on server certificate > click next > click next > enter password ciitixwifi >

click next > place all in following store > browse > trusted root ca > ok > next > finish.

That's it. When you try to connect to the WiFi network it will use the certificate automatically and ask for a username and password as pictured below.


12 of 15 11/1/2010 1:20 PM

previous

How To Set Up A Wireless Network UsingWPA/WPA2 With Radius Authentication WithCIITIX-WiFi

Windows might complain upon the first time using the certificate. This is normal and it won't ask you gain afterthe first time. Its because its a self signed certificate from your CIITIX-WiFi server. Iphone and Ipad deviceswill automatically obtain the certificates from the server. You do not need to install these manually. Linux userswill need to Install the certificates, there are many flavours of Linux, but some distros such as Linux Mint whichis Ubuntu based can install the certificates by double clicking on them. Again a wizard appears to guide you.

Other devices which are run an embedded OS such as the Nintendo Wii for example may not be compatible withEnterprise Authentication.

up

Copyright © 2010 DavidAll Rights Reserved.

add comment | view as pdf | print: this | all page(s) |

Please do not use the comment function to ask for help! If you need help, please use our forum.Comments will be published after administrator approval.


13 of 15 11/1/2010 1:20 PM

passwordSubmitted by dan (not registered) on Thu, 2010-09-23 06:37.

after enabling the web interface where can I change the administrator password ?

reply | view as pdf

Re: passwordSubmitted by awan (registered user) on Fri, 2010-09-24 10:59.

Login to the Web Interface (I hope u know the default passwd)

Go to

"Config" -> "Maintenance

Click on "List operators"

You should see the administrator user.

Click on it & on prompt change/enter the new password.

reply | view as pdf

Sponsored Links: Turn your desk phone and mobile phone into one with Sprint Mobile Integration.www.seamlessenterprise.com

One number. One voicemail. Seize the lead. Sprint Mobile Integration.www.seamlessenterprise.com

One Number. One Voicemail.Make it easier for clients to reach you. Turn your desk phone and mobile phone into one with Sprint Mobile Integration.

www.seamlessenterprise.com

One number. One voicemail. Sprint Mobile Integration.www.seamlessenterprise.com

One number. one voicemail. Seize the lead with Sprint. Learn more

AT&T Synaptic Compute as a Service. Boost your power on demand.

Trial: IBM Cognos Express Reporting, Analysis & Planning

Learn benefits of Simpana software.View the Gartner Video

Sprint 4G - The Ultimate Mobile BroadbandClick here

SAP-Business Objects Crystal Reports ServerComplete reporting without hidden costs. Free Trial

Howtos | Mini-Howtos | Forums | News | Search | Contribute | SubscriptionSite Map/RSS Feeds | Advertise | Contact | Disclaimer | Imprint


14 of 15 11/1/2010 1:20 PM

Copyright © 2010 HowtoForge - Linux Howtos and TutorialsAll Rights Reserved.


15 of 15 11/1/2010 1:20 PM

Documents

How to Set Up a Wireless Ne