802.1X Port-Based Authentication HOWTO

2004-08-18

Revision History
Revision 1.02004-10-18LKS
Initial Release, reviewed by TLDP.
Revision 0.2b2004-10-13LKS
Various updates. Thanks to Rick Moen <rick (at) linuxmafia com> for language review.
Revision 0.02004-07-23LKS
Initial draft.

Abstract

This document describes the software and procedures to set up and use IEEE 802.1X Port-Based Network Access Control using Xsupplicant as Supplicant with FreeRADIUS as a back-end Authentication Server.


Table of Contents

1. Introduction
1.1. What is 802.1X?
1.2. What is 802.11i?
1.3. What is EAP?
1.4. EAP authentication methods
1.5. What is RADIUS?
2. Obtaining Certificates
3. Authentication Server: Setting up FreeRADIUS
3.1. Installing FreeRADIUS
3.2. Configuring FreeRADIUS
4. Supplicant: Setting up Xsupplicant
4.1. Installing Xsupplicant
4.2. Configuring Xsupplicant
5. Authenticator: Setting up the Authenticator (Access Point)
5.1. Access Point
5.2. Linux Authenticator
6. Testbed
6.1. Testcase
6.2. Running some tests
7. Note about driver support and Xsupplicant
8. FAQ
9. Useful Resources
10. Copyright, acknowledgments and miscellaneous
10.1. Copyright and License
10.2. How this document was produced
10.3. Feedback
10.4. Acknowledgments
A. GNU Free Documentation License
1. PREAMBLE
2. APPLICABILITY AND DEFINITIONS
3. VERBATIM COPYING
4. COPYING IN QUANTITY
5. MODIFICATIONS
6. COMBINING DOCUMENTS
7. COLLECTIONS OF DOCUMENTS
8. AGGREGATION WITH INDEPENDENT WORKS
9. TRANSLATION
10. TERMINATION
11. FUTURE REVISIONS OF THIS LICENSE
12. ADDENDUM: How to use this License for your documents