Troubleshooting
There are quite a few pieces that have to play nicely together to get WPA2-Enterprise working. Here are a few tools that come in handy if things don't work smoothly on the first try:
- Check the FreeRADIUS log.
There is a lot of good information in the log that can point you right to the problem. This is especially handy when tweaking the config files, as anything that doesn't parse correctly will log an error.
- Run FreeRADIUS in debug mode in the foreground with "radiusd -X".
This will show you just what FreeRADIUS is thinking. Not all the errors show up here, but the major ones that cause FreeRADIUS to quit do.
- Test local connectivity with "radtest test test localhost 0 testing123".
This one comes straight out of the INSTALL file. If you runFreeRADIUS in the foreground with "radiusd -X" in another terminal you should be able to see the FreeRAIDUS dump all kinds of messages when "radtest" runs.
Conclusion
With a little extra hardware, you can add the extra level of security that authentication provides to your wireless network. This gives you better control over the clients that can connect to your network and also helps to keep clients from connecting to untrusted networks.
The combination of AES Encryption in WPA2 and secure authentication of clients will help protect your network and keep your data secured from prying eyes.