Page 1 of 1
WLAN Users via Radius Auth
Posted: Sun Jan 10, 2010 12:00 am
by tomtom
Hello,
is it possible - and how - to perform a WPA2 WLAN Authentication which asks for username and password instead of a PSK?
Thanks for your reply in advance.
tomtom
Re: WLAN Users via Radius Auth
Posted: Mon Jan 11, 2010 4:39 pm
by sergejs
Yes, it is possible with EAP. EAP-TTLS/PEAP/LEAP provide password and few additional options for authorization.
MikroTik AP can forward any EAP (TTLS/PEAP/LEAP), RADIUS server should be additionally configured, which is going to be responsible for authorization.
Wireless client should support used EAP authorization, MikroTik mode=station support only EAP-TLS (certificate authorization).
Re: WLAN Users via Radius Auth
Posted: Tue Jan 12, 2010 9:54 pm
by tomtom
Can you provide us a simple example setup?
Thanks for your help in advance.
Re: WLAN Users via Radius Auth
Posted: Wed Jan 13, 2010 9:30 am
by sergejs
On AP you have to configure security-profile as,
/interface wireless security-profiles add mode=dynamic-keys authentication-types=wpa[2]-eap-methods=passthrough
other options accordingly to configuration, additionally you need to configure /radius client and use wireless service.
I'm not able to help with RADIUS configuration for EAP.
Re: WLAN Users via Radius Auth
Posted: Mon Sep 13, 2010 3:45 pm
by stek
Hi,
Can someone help me for the radius configuration of this?
regards
Stefano