November 20, 2014
 
 
RSSRSS feed

6 Open Source Projects for 802.1X Network Authentication - page 2

FreeRADIUS, wpa_supplicant

  • September 20, 2010
  • By Eric Geier

XSupplicant

Another open source 802.1X client is XSupplicant from Open1X, backed by the OpenSEA. It supports wireless and wired authentication for Windows and Linux. Like wpa_supplicant, it supports numerous EAP types.

SU1X 802.1X Configuration Deployment Tool

One of the major hurdles of implementing 802.1X is client configuration. End-users can't just connect to a 802.1X network. The proper authentication settings must be set in order to connect, and sometimes certificates need to be installed.

To eliminate headaches for the end-users and support team, administrators can preconfigure these settings for end-users by creating a network profile for them and installing any required certificates. If the network is running a Windows Server with Active Directory, the settings and certificates can pushed to clients using Group Policy. The Netsh utility can also help push settings to Windows clients. However, these two approaches don't apply to computers out of the domain, such as the end-users' own laptops.

For cases where end-users bring their own devices, such as in educational institutions, administrators can create a wizard that automatically configures the authentication settings by creating the network profile for the end-user. The open source SU1X 802.1X Configuration Deployment Tool is one solution that can help administrators create the wizard. If you want to consider commercial products or for comparison reasons, see my recent reviews for the XpressConnect and Quick1X solutions.

In addition to setting the basic 802.1X settings, the SU1X 802.1X tool can install certificates, turn on NAP, and edit the preferred network profiles. It also add/remove networked printers and set proxy server settings for IE and Firefox. The wizard's operations and branding can even be customized by editing the INI file.

radclient

During the installation of any RADIUS server, you'll need to do testing. Even after the initial implementation, you might make changes or add RADIUS attributes. For testing you can use real client devices, but you might also find it convenient to use radclient when working in Linux.

This is an open source RADIUS client program you can use at the command-line. It sends packets to a RADIUS server using the attributes you specify and it will show the replies. If you're running FreeRADIUS, radclient is already installed.

You might also want to check other (closed source but free) utilities: Radlogin, NTRadPing, and RADIUS Test Rig Utility.

Eric Geier is the founder of NoWiresSecurity, which helps businesses easily protect their Wi-Fi networks with the Enterprise mode of WPA/WPA2 encryption. He is also a freelance tech writer, and has authored many networking and computing books for brands like For Dummies and Cisco Press.
Sitemap | Contact Us