Lead Image © Tyler Olson, 123RF.com

Lead Image © Tyler Olson, 123RF.com

FreeRADIUS for WiFi hotspots

Large Radius

Article from ADMIN 19/2014
By
Tired of contending with shared passwords for wireless networks? Use WPA Enterprise and a FreeRADIUS server to set up a user password solution for wireless users.

Do you know someone who keeps the WiFi password on a piece of paper under their keyboard? Or somewhere equally as insecure? Sloppy password practices are a nightmare for any admin; controlling access to the company network is impossible with a shared password, even if you have a manageable number of employees.

How do you implement security on a WiFi network without a shared password? One solution is IEEE 802.1X, a standard mechanism for network authentication. For enterprise WiFi hotspots, this login procedure usually goes by the name of WPA Enterprise (Figure 1).

Figure 1: Some hotspots support a user-specific configuration with WPA Enterprise.

In most cases, the user database is not managed by the hotspot itself. Instead, the hotspot queries a RADIUS server on the same network (Figure  2): The central user administration actually takes place on the RADIUS server. If you take on a new employee, you enter their account on the RADIUS server, WiFi access included.


...

Use one of the options below to read the full article

Buy ADMIN Magazine

SINGLE ISSUES
Print Issues
Digital Issues
SUBSCRIPTIONS
Print Subscriptions
Digital Subscriptions

Related content

comments powered by Disqus