5. Authenticator: Setting up the Authenticator (Access Point)

During the authentication process, the Authenticator just relays all messages between the Supplicant and the Authentication Server (RADIUS). EAPOL is used between the Supplicant and the Authenticator; and, between the Authenticator and the Authentication Server, UDP is used.

5.1. Access Point

Many access point have support for 802.1X (and RADIUS) authentication. It must first be configured to use 802.1X authentication.

Note

Configuring and setting up 802.1X on the AP may differ between vendors. Listed below are the required settings to make a Cisco AP350 work. Other settings to TIKP, CCMP etc. may also be configured.

The AP must set the ESSID to "testnet" and must activate:

Figure AP350: The RADIUS configuration screen for a Cisco AP-350

Figure AP350-2: The Encryption configuration screen for a Cisco AP-350

5.2. Linux Authenticator

An ordinary Linux node can be set up to function as a wireless Access Point and Authenticator. How to set up and use Linux as an AP is beyond the scope of this document. Simon Anderson's Linux Wireless Access Point HOWTO may be of guidance.