Difference between revisions of "Features/WPA-WPA2-Enterprise-Network-Connections/Testing"

From Sugar Labs
Jump to navigation Jump to search
Line 19: Line 19:
 
* Note that, you may only need to enter the "Radius Server IP Address" ("192.168.1.3" in the screenshot). The "Radius Server Port", and "Share Secret" are the default ones (at least for a default setup of freeradius).
 
* Note that, you may only need to enter the "Radius Server IP Address" ("192.168.1.3" in the screenshot). The "Radius Server Port", and "Share Secret" are the default ones (at least for a default setup of freeradius).
  
== TESTING - TTLS-based authentication ==
+
== Connecting a client - TLS-based authentication ==
 +
* Make sure you have three certificates - user-certificate, ca-certificate, private-key - before you proceed. One way to get these certificates is as follows:
 +
** Go to the RADIUS server machine, and navigate to "/etc/raddb/certs"
 +
** Run the following commands
 +
*** sudo make client.pem
 +
*** sudo chmod 0644 client.p12
 +
*** sudo chmod 0644 ca.pem
 +
*** Transfer "client.p12" and "ca.pem" to a USB drive.
 +
*** Use this USB drive, in the subsequent steps.
 +
* Navigate to the "Neighbourhood view" on the XO.
 +
* Click on the network-icon, and enter the parameters, as seen in the following screenshot
 +
** [[File:TLS_authentication.png]]
 +
 
 +
== Connecting a client - TTLS-based authentication ==
 
* Navigate to the "Neighbourhood view" on the XO.
 
* Navigate to the "Neighbourhood view" on the XO.
 
* Click on the network-icon, and enter the parameters, as seen in the following screenshot (thanks to Anish, for showing me this minimal configuration)
 
* Click on the network-icon, and enter the parameters, as seen in the following screenshot (thanks to Anish, for showing me this minimal configuration)
 
** [[File:TTLS_authentication.png]]
 
** [[File:TTLS_authentication.png]]

Revision as of 09:20, 14 December 2011

Setting up a RADIUS server (on a dedicated machine)

Setting up the access-point / router

  • Connect the access-point/router, with the RADIUS server machine, through a ethernet cable.
  • Through the RADIUS server machine, open the browser, type in the access-point/router IP address, and configure it for WPA/WPA2-Enterprise authentication. A sample screenshot is presented below
    • Router configuration.png
  • Note that, you may only need to enter the "Radius Server IP Address" ("192.168.1.3" in the screenshot). The "Radius Server Port", and "Share Secret" are the default ones (at least for a default setup of freeradius).

Connecting a client - TLS-based authentication

  • Make sure you have three certificates - user-certificate, ca-certificate, private-key - before you proceed. One way to get these certificates is as follows:
    • Go to the RADIUS server machine, and navigate to "/etc/raddb/certs"
    • Run the following commands
      • sudo make client.pem
      • sudo chmod 0644 client.p12
      • sudo chmod 0644 ca.pem
      • Transfer "client.p12" and "ca.pem" to a USB drive.
      • Use this USB drive, in the subsequent steps.
  • Navigate to the "Neighbourhood view" on the XO.
  • Click on the network-icon, and enter the parameters, as seen in the following screenshot
    • TLS authentication.png

Connecting a client - TTLS-based authentication

  • Navigate to the "Neighbourhood view" on the XO.
  • Click on the network-icon, and enter the parameters, as seen in the following screenshot (thanks to Anish, for showing me this minimal configuration)
    • TTLS authentication.png