Configure computers with authentication and encryption settings
On WEP and WPA / WPA2-personal networks, you only select the network and will be prompted for the key. Although connecting to enterprise encrypted networks is more complicated in configuration, once configured, you can simply connect to the network by entering a username and password, even if you have You can save this information so you don't have to enter it multiple times.
If no profile exists in the network, you need to create a new profile. Then configure the settings. Remember, you are using WPA (TKIP) or WPA2 (AES) Enterprise encryption with PEAP authentication. In the PEAP properties dialog, you need to choose to validate the server certificate and select the certificate you imported. In addition, you can enter the server's IP address to use when validating. Then ensure that you use the Password method (EAP-MSCHAP v2). Click the Configure button to ensure ( Automatically use my Windows logon name and password ) settings on the dialog box not checked.
It should be noted that, the first time you connect to the network, the Validate Server Certificate dialog box will appear, sometimes it can hide behind other windows. Then click Ok to accept the certificate and continue connecting.
Set up SQL for users and look up APs
If you have a large number of users and APs, or you change their details or APs on a regular basis, then you can use a database to store information. instead of text files. You can install and configure your server or use a hosted server, for example from a website provider. Either way, you must install the FreeRADIUS MySQL package (freeradius2-mysql).
Now you need to load the default database structure into the database server. If you are running your server in CentOS, run the " mysql -uroot -prootpass radius " from a Terminal. If you use a remote server or host hosted from a provider, then run " gedit " with a root Terminal and use the Text Editor to open etc / raddb / sql / mysql / schema.sql . Then copy and paste the SQL commands into the server to run them.
If you want to use SQL for details of the AP, load the etc / raddb / sql / mysql / nas.sql file into your database.
You need to edit the FreeRADIUS configuration files to tell the server to use SQL. From the root Text Editor ,, open etc / raddb / radiusd.conf and do not comment the line "$ INCLUDE sql.conf ". Open etc / raddb / sites-enabled / inner-tunnel and do not comment " sql " from Authorize . Now FreeRADIUS will use files and SQL.
You need to give FreeRADIUS a database connection and login details. From the original editor, open etc / raddb / sql.conf . Then make sure database = 'mysql' . If you are using a remote database or a preconfigured database, enter the server address. Make sure you enter the Username and Password for your server. With the radius_db value , enter the database name. If you are using SQL for AP details, do not comment " readclients = yes ".
Finally, insert rows into the table to define user accounts. The format is similar to the format for user files:
username attribute op value
egeier Cleartext-Password: = pass123
Here is an example of what you can insert into the table for information about the AP if enabled:
shortname nasname type secret
192.168.0.1 private-network-1 other testing123
Troubleshoot
Note that during server setup or after making changes, use debug mode to see server actions. If you encounter logon or connection problems, check carefully and debug the section and analyze recent changes.