manual
Use 802.1x Security with AT-WA7400 APs, AT-8624PoE Switches, and Linux’s freeRADIUS and Xsupplicant 7
If you are using a distribution that does not use ifcfg files, Xsupplicant lets you write startup files
to the wireless NIC as shown in the following lines of code. Note that these files do not define
encryption, because Xsupplicant controls that.
/usr/local/etc/1x/startup.sh
#!/bin/sh
echo "Starting $0"
/sbin/ifconfig ath0 down
sleep 1
/sbin/iwconfig ath0 mode managed essid allied channel 6 rate auto enc 0000000000
#iwpriv ath0 authmode 2
/sbin/ifconfig ath0 allmulti up
echo "Finished $0"
exit 0
/usr/local/etc/1x/startup2.sh
#!/bin/sh
echo "Starting $0"
iwconfig ath0
/sbin/ifconfig ath0 169.254.4.33 netmask 255.255.255.0 broadcast 255.255.255.0
echo "Finished $0"
iwconfig ath0
exit 0
Edit the xsupplicant.conf file as shown in the following fragment. Take note of these points:
• This was a Mandrake example, so we did not need to use the startup scripts. Therefore we
commented them out in our xsupplicant.conf file below (so they are not run).
• The eap-md5 section is irrelevant to the basic configuration, but it shows how simple it is to
add a different form of EAP authentication to the supplicant configuration.
/usr/local/etc/1x/xsupplicant.conf
### GLOBAL SECTION
network_list = all
default_netname = default
#startup_command = <BEGIN_COMMAND>/usr/local/etc/1x/startup.sh<END_COMMAND>
#first_auth_command = <BEGIN_COMMAND>/usr/local/etc/1x startup2.sh<END_COMMAND>
reauth_command = <BEGIN_COMMAND>echo "authenticated user %i"<END_COMMAND>
logfile = /var/log/xsupplicant.log
allow_interfaces = ath0, wlan0
deny_interfaces = eth0, eth1, sit0
# script continues on next page
3. Configure the xsupplicant.conf file