802.1X Port-Based Authentication HOWTO

Lars Strand

2004-08-18

Revision History
Revision 1.02004-10-18Revised by: LKS
Initial Release, reviewed by TLDP.
Revision 0.2b2004-10-13Revised by: LKS
Various updates. Thanks to Rick Moen <rick (at) linuxmafia com> for language review.
Revision 0.02004-07-23Revised by: LKS
Initial draft.

This document describes the software and procedures to set up and use IEEE 802.1X Port-Based Network Access Control using Xsupplicant as Supplicant with FreeRADIUS as a back-end Authentication Server.


Table of Contents
1. Introduction
1.1. What is 802.1X?
1.2. What is 802.11i?
1.3. What is EAP?
1.4. EAP authentication methods
1.5. What is RADIUS?
2. Obtaining Certificates
3. Authentication Server: Setting up FreeRADIUS
3.1. Installing FreeRADIUS
3.2. Configuring FreeRADIUS
4. Supplicant: Setting up Xsupplicant
4.1. Installing Xsupplicant
4.2. Configuring Xsupplicant
5. Authenticator: Setting up the Authenticator (Access Point)
5.1. Access Point
5.2. Linux Authenticator
6. Testbed
6.1. Testcase
6.2. Running some tests
7. Note about driver support and Xsupplicant
8. FAQ
9. Useful Resources
10. Copyright, acknowledgments and miscellaneous
10.1. Copyright and License
10.2. How this document was produced
10.3. Feedback
10.4. Acknowledgments
A. GNU Free Documentation License
A.1. PREAMBLE
A.2. APPLICABILITY AND DEFINITIONS
A.3. VERBATIM COPYING
A.4. COPYING IN QUANTITY
A.5. MODIFICATIONS
A.6. COMBINING DOCUMENTS
A.7. COLLECTIONS OF DOCUMENTS
A.8. AGGREGATION WITH INDEPENDENT WORKS
A.9. TRANSLATION
A.10. TERMINATION
A.11. FUTURE REVISIONS OF THIS LICENSE
A.12. ADDENDUM: How to use this License for your documents