Time for action – setting up the AP with FreeRADIUS-WPE
Follow these instructions to get started:
Connect one of the LAN ports of the access point to the Ethernet port on your machine running Kali. In our case, the interface is eth0. Bring up the interface and get an IP address by running DHCP, as shown in the following screenshot:
Login to the access point and set the security mode to WPA/WPA2-Enterprise, set Version to WPA2, Encryption to AES. Then, under the EAP (802.1x) section, enter the Radius Server IP address as your Kali build's IP address. The Radius Password will be test, as shown in the following screenshot:
Let's now open a new terminal and go to the directory /usr/local/etc/raddb. This is where all the FreeRADIUS-WPE configuration files are:
Let's open eap.conf. You will find that the default_eap_type command is set to MD5. Let's change this to peap:
Let's open clients.conf. This is where we define the allowed list of clients that can connect to our Radius server. Interestingly, if you browse right to the bottom, ignoring the example settings, the secret for clients in the range 192.168.0.0/16 defaults to test. This is exactly what we used in step 2:
We are now all set to start the RADIUS server with the radiusd –s –X command:
Once you run this, you will see a lot of debug messages on the screen, but eventually the server will settle down to listen for requests. Awesome! We are all set now to start our lab sessions in this chapter:
What just happened?
We have successfully set up FreeRADIUS-WPE. We will use this in the rest of the experiments that we will do in this chapter.
Have a go hero – playing with RADIUS
FreeRADIUS-WPE has tons of options. It may be a good idea to familiarize yourself with them. Most importantly, take time to check out the different configuration files and how they all work together.