Appendix a: configuration of the radius server – SmartBridges sB3210 User Manual

Page 44

Advertising
background image

Page 44 of 55

airPoint™ Nexus User Configuration Guide

i n t e l l i g e n t w i r e l e s s p l a t f o r m

Appendix A: Configuration of the Radius Server

FreeRADIUS/WinXP Authentication Setup

This document describes how to build a FreeRADIUS server for TLS and PEAP authentication, and
how to configure the Windows XP clients (supplicants). The server is configured for a home (or test)
network.

Three papers have been written about TLS authentication with a FreeRADIUS server and are
available at the following websites:

1) www.missl.cs.umd.edu/wireless/eaptls
2) www.freeradius.org/doc/EAPTLS.pdf
3) www.denobula.com

These papers provide an excellent background, but are somewhat out of date. Where appropriate, we
will simply refer to these documents rather than repeating the information. We recommend that you
follow the steps we give below rather than the steps in these documents.

If you follow this example, please make the needed changes to the names of the files. We installed
the FreeRADIUS and OpenSSL files in special local directories. This ensures that there is no
interaction between the base Linux files and the new files. It also allows you to easily remove all of the
newly installed files.

The FreeRADIUS and OpenSSL snapshots used in constructing the server are beta software.


1. Download and Install OpenSSL and FreeRADIUS

The first step is to download and install the latest snapshot versions of OpenSSL and FreeRADIUS.

a. OpenSSL -- Download the latest OpenSSL-0.9.7-stable snapshot. We downloaded the OpenSSL
snapshot to our home directory. The snapshots are located at:

»ftp://

ftp.openssl.org/snapshot/


Then We used the following nine steps:

mkdir -p /usr/src/802/openssl
cd /usr/src/802/openssl
cp /home/jbibe/openssl-0.9.7-stable-SNAP-20040202.tar.gz \
openssl-0.9.7-stable-SNAP-20040202.tar.gz

gunzip openssl-0.9.7-stable-SNAP-20040202.tar.gz
tar xvf openssl-0.9.7-stable-SNAP-20040202.tar
cd openssl-0.9.7-stable-SNAP-20040202

./config shared --prefix=/usr/local/openssl
make
make install

That completes the work with OpenSSL, except for building the required certificates.

When you perform the config, make, and make-install here and in the FreeRADIUS install described
below, We recommend that you log the information. For example, instead of using the simple "make"
command, use:

Advertising
Popular Brands
Popular manuals