How can I quickly set up a lab with 802.1x wired authentication? (without a switch)

linux wired-networking 802.1x
7,428

Answering my own question, for my future self (and others). I was able to get this quickly done as follows:

  1. Install Ubuntu on a laptop. We will use the ethernet NIC as the "internal network" and the wireless NIC as the "external network".
  2. Setup Ubuntu as a router that simply forwards traffic from the ethernet NIC to the wireless NIC. There are many guides in the Ubuntu community that help with setting up Ubuntu as a router.
  3. Install freeradius and test it (it's useful to run freeradius in debug mode to watch the logs). This guide can help: http://wiki.freeradius.org/guide/Basic-configuration-HOWTO
  4. Install hostapd and configure it for wired 802.1x authentication using the freeradius server (it's useful to run hostapd in debug mode to watch the logs). A sample hostapd.conf file for wired configuration is here (just change the shared secret to the one you configured in freeradius): https://android.googlesource.com/platform/external/wpa_supplicant_8/+/brillo-m9-dev/hostapd/wired.conf
  5. Use another machine (e.g. a Win7 laptop) to test the setup - connect it to the ethernet port of the Ubuntu machine. In Win7, you need to start the "Wired AutoConfig" service and then configure the ethernet network adapter (in the "Authentication" tab) as needed.

That's it! you now have a very simple 802.1x wired authentication lab setup, without any real routers.

Share:
7,428

Related videos on Youtube

tal
Author by

tal

Updated on September 18, 2022

Comments

  • tal
    tal almost 2 years

    I want to experiment with 802.1x wired authentication and I don't have a switch with such capability. How can I quickly set up a lab for that purpose? (e.g. take a Linux machine and make it act like a switch with 802.1x wired authentication)

    • user1686
      user1686 over 8 years
      Usually it's managed switches, not routers, who act as 802.1X authenticators.
  • Shawn
    Shawn almost 4 years
    Hope you are still around. I tried this but for some reason the "switch" (a laptop running ubuntu variant) running hostapd and freeradus is not responding to any EAPOL-Start coming from another thing on the network.
  • Shawn
    Shawn over 2 years
    For some reason, this time it worked for me.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Connecting to a 802.1x EAP-PEAP wireless network with no phase2-auth in Linux
Why wouldn't an ethernet interface advertise gigabit speed if it's capable?
Missing eth0 Ethernet interface in Ubuntu — can't connect to router
How do I find out if my wireless card supports 5 GHz?
Ubuntu 14.04 wired connection detected but no internet access
How to update snap-store linux.. How to update this?
I lost files by using the "mv" command and I don't know where they are!
Is it possible to generate linux .rpm packages from flutter linux app?
Flutter Doctor shows problem with GTK 3.0 for CentOS Linux 7 running on Doctor
Flutter Linux build error when executing flutter run -d linux