Adam Williams spelled it out with a 42 slide Impress presentation, "Wireless Alphabet Soup." He showed what it takes to configure an OpenRADIUS server to handle wireless network authentication. We saw yet another useful Open Source GPL’d software solution.
This presentation covered setting up a RADIUS service to provide support for EAP authentication via your wireless network. OpenRADIUS can authenticate users against your LDAP DSA, CIFS Domain Controller, or a multitude of other sources (including flat files). RADIUS stands for Remote Authentication Dial-In User Service.
Originally used by ISP’s to control the banks of dial-up modems, OpenRADIUS is used for wireless network authentication services. Adam told us how it all fits together. He explained the 802.11i goals for security. The descriptions for setting up a WPA network will get you to the goal of a working authentication service. He showed how to configure the various files to get the desired result. RADIUS is the protocol used by EAP servers to authenticate EAP users; and OpenRADIUS is an Open Source service that provides RADIUS service from any UNIX like platform (LINUX, BSD, etc...). EAP (Extensible Authentication Protocol) is a standard for authenticating network clients, most commonly used for wireless devices ("Supplicants"). EAP is an 802.1x standard that allows developers to pass security authentication data between RADIUS and the access point (AP) and wireless client. EAP has a number of variants, including: EAP MD5, EAP-Tunneled TLS (EAP-TTLS), Lightweight EAP (LEAP), and Protected EAP (PEAP).