Skip to content

Commit

Permalink
Documentation update
Browse files Browse the repository at this point in the history
  • Loading branch information
@oviserv
oviserv committed Mar 31, 2023
1 parent 0e44318 commit d9ce766
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@
Wifi is nearly everywhere and adequate security is important. User friendly and secure alternative to the password based solution is WPA3 & WPA2 Enterprise (further: WPA2 Enterprise). One of the options within WPA2 Enterprise is EAP-TLS. This authentication protocol uses X.509 certificates to make sure that a user connects to an authentic Wifi network. The client side certificate guarantees to the Wifi network the authenticity of the client. This repository gives some scripts to create and manage some of the key components for an EAP-TLS setup: a RADIUS server and a Public Key Infrastructure (PKI) for managing a Certificate Authority (CA) and managing X.509 certificates. For the RADIUS server the FreeRadius opensource project is used. The complexity of configuring FreeRadius is taken away by using a few wrapper scripts. The RADIUS server is run using Docker and docker-compose.

A complete setup consists of the following elements:
- a Wifi client, e.g. a Windows 10 laptop connecting to a Wifi network
- a Wifi access point supporting RADIUS authentication. The setup presented was tested with Ubiquity UniFi access points and UniFi Network Controller software (no relationship whatsoever between this project and Ubiquiti). Regular WPA3 Enterprise is tested (and used) succesfully. To use the 192-bit security mode offered by WPA3 Enterprise some configuration changes of this project are required.
- a RADIUS server and PKI (this project) running on a Docker server with docker-compose
- a Wifi client, e.g. a Windows 11 laptop connecting to a Wifi network
- a Wifi access point supporting RADIUS authentication. The setup presented was tested with Ubiquity UniFi access points and UniFi Network Controller software (no relationship whatsoever between this project and Ubiquiti).
- a RADIUS server and PKI (this project) running on a Docker server with docker-compose. Regular WPA3 Enterprise is tested (and used) succesfully. Necessary changes to use the 192-bit security mode offered by WPA3 Enterprise still have to be determined. Input on this subject is welcomed.

# Getting started
- Start with a functioning Wifi network using WPA2 preshared key
Expand Down

0 comments on commit d9ce766

Please sign in to comment.