User Tools

Site Tools


docs:guide-user:network:wifi:wireless.security.8021x

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
docs:guide-user:network:wifi:wireless.security.8021x [2018/03/03 20:13]
bobafetthotmail ↷ Page moved from docs:user-guide:network:wifi:wireless.security.8021x to docs:guide-user:network:wifi:wireless.security.8021x
docs:guide-user:network:wifi:wireless.security.8021x [2018/06/11 14:20] (current)
tmomas link fixed
Line 1: Line 1:
-===== Introduction to 802.1x =====+====== Introduction to 802.1x ​======
  
 One of the lesser known features of 802.11 security, at least among home and small business users, is the ability to have individual usernames and passwords on a centralized authentication server which can be used by one or more wireless access point. A key advantage of this type of setup is that individual users can be added and removed from wireless access without disrupting other users or re-keying the network which is why it is popular with enterprise customers. If you have a more complex setup such as Active Directory for user logins it is possible to connect your wireless network back to your Active Directory server for authenticating these users. One of the lesser known features of 802.11 security, at least among home and small business users, is the ability to have individual usernames and passwords on a centralized authentication server which can be used by one or more wireless access point. A key advantage of this type of setup is that individual users can be added and removed from wireless access without disrupting other users or re-keying the network which is why it is popular with enterprise customers. If you have a more complex setup such as Active Directory for user logins it is possible to connect your wireless network back to your Active Directory server for authenticating these users.
Line 7: Line 7:
 Note that the individual usernames and passwords are stored in a RADIUS server which the access point will communicate with to authenticate users. In most cases this RADIUS server software is running elsewhere on the network (obviously the access point will need to be able to reach it) but it is possible to install and run a RADIUS server on OpenWRT as well. The installation and configuration of a RADIUS server is outside the scope of this document however a few hints will be provided. RADIUS is a standardized protocol which is supported by many server applications including the Microsoft Windows Network Policy Server (NPS) can authenticate Active Directory users. A commonly used open source RAIDUS server is FreeRADIUS. Note that the individual usernames and passwords are stored in a RADIUS server which the access point will communicate with to authenticate users. In most cases this RADIUS server software is running elsewhere on the network (obviously the access point will need to be able to reach it) but it is possible to install and run a RADIUS server on OpenWRT as well. The installation and configuration of a RADIUS server is outside the scope of this document however a few hints will be provided. RADIUS is a standardized protocol which is supported by many server applications including the Microsoft Windows Network Policy Server (NPS) can authenticate Active Directory users. A commonly used open source RAIDUS server is FreeRADIUS.
  
-==== Prerequisites ====+===== Prerequisites ​=====
  
 Before beginning you will want to make sure you have completed the following steps: Before beginning you will want to make sure you have completed the following steps:
Line 172: Line 172:
 ===== Additional Resources ===== ===== Additional Resources =====
  
-WPA Enterprise options can be found in the [[doc:uci:wireless#wpa.enterprise.access.point|UCI Wireless documentation]].+WPA Enterprise options can be found in the [[docs:guide-user:network:​wifi:​basic#wpa_enterprise_access_point|Wireless documentation]].
docs/guide-user/network/wifi/wireless.security.8021x.txt · Last modified: 2018/06/11 14:20 by tmomas