1
Installing Radius Server
1. Check whether openssl is installed on your computer with the following command:
openssl version
The response is usually:
OpenSSL 0.9.7b 10 Apr 2003
If openssl is not installed, then install it as the following:
Download “openssl-0.9.7d.tar.gz” from http://www.openssl.org, put it in a
directory, and execute the following:
tar -zxvf openssl-0.9.7d.tar.gz.
cd openssl-0.9.7d
./configure
make
make test
make install
2. Download “freeradius-1.0.1.tar.gz” from http://www.freeradius.org, put in a
directory, and execute the following:
tar -zxvf freeradius-1.0.1.tar.gz
cd freeradius-1.0.1
./configure
make
make install
Generating Security Certificates for TLS/TTLS
The script in appendix generates three certificates for Certificate Authority, server, and
client, along with the server “dh” and “random” files. When the script finishes, do the
following:
� Copy the following files to the RADIUS server certificate directory
“/usr/local/etc/raddb/cert”:
“room.pem”, “cert-srv.pem”, “random”, and “dh”.
� Copy the following files to client station certificate directory (it could be the same
directory where you put the “wpa_supplicant” executable):
“root.pem” and “cert-clt.pem”.
Configuring Radius Server
Edit the following files:
1. /usr/local/etc/raddb/user
“user” Auth-Type := EAP, User-Password == “password”
Reply-Message = “Hello, %u”