SECURITY How To Enable 802.1X (Port Based Network Access Control)

Uit Gentoo Linux Wiki

Ga naar: navigatie, zoeken
This article is part of the Security series.

Inhoud

[bewerken] Introduction

The objective of this How To, is to help configure an Gentoo Desktop/Notebook in a IEEE 802.1X (Port Based Network Access Control) environment.

This document assumes that it is a recent installation based in Universal Live CD.

[bewerken] Requirements

  • XSupplicant - The Open 802.1X Implementation - XSupplicant Page
  • Network Credentials (Username / Password / LDAP Information / etc.)
  • Certificates if needed

[bewerken] Step by Step

[bewerken] Umasking Xsupplicant 

#> echo 'net-misc/xsupplicant ~x86' >> /etc/portage/package.keywords

[bewerken] Verify Downloads Neededs 

#> emerge -pv xsupplicant
These are the packages that I would merge, in order:
Calculating dependencies ...done!
[ebuild  N    ] dev-libs/libusb-0.1.10a  -debug -doc 366 kB
[ebuild  N    ] sys-apps/pcsc-lite-1.2.0  -static 771 kB
[ebuild  N    ] net-misc/xsupplicant-1.0.1  622 kB
Total size of downloads: 1,760 kB

[bewerken] Download Sources and Dependencies

In another computer with internet connection:

Download the required files (Change X.X.X by Correct Version showed in emerge -pv xsupplicant command: 

#> wget --passive-ftp ftp://ftp.las.ic.unicamp.br/pub/gentoo/distfiles/pcsc-lite-X.X.X.tar.gz
#> wget --passive-ftp ftp://ftp.las.ic.unicamp.br/pub/gentoo/distfiles/libusb-X.X.X.tar.gz
#> wget --passive-ftp ftp://ftp.las.ic.unicamp.br/pub/gentoo/distfiles/xsupplicant-X.X.X.tar.gz

Copy downloaded files to CDRom or USB Drive.

Move the downloaded source-files to /usr/portage/distfiles/ in Gentoo-Box and check dependencies: 

#> emerge -pv xsupplicant
These are the packages that I would merge, in order:
Calculating dependencies ...done!
[ebuild  N    ] dev-libs/libusb-0.1.10a  -debug -doc 0 kB
[ebuild  N    ] sys-apps/pcsc-lite-1.2.0  -static 0 kB
[ebuild  N    ] net-misc/xsupplicant-1.0.1  0 kB
Total size of downloads: 0 kB

[bewerken] Merging XSupplicant 

#> emerge xsupplicant

[bewerken] Setting the /etc/xsupplicant.conf

Now we need configure the /etc/xsupplicant.conf with details of network environment.

In My Case:

PEAP-MSCHAPv2 / Windows Active Directory / Without Certificate

[bewerken] About

This document was written by Daniel Neto.

Feel so free to correct my *badly* english, this is not my natural language:) I just trying help.

About Me: My MSN Spaces

Afkomstig van de Nederlandstalige Gentoo Wiki, het vrije Gentoo handboek. "http://nl.gentoo-wiki.com/SECURITY_How_To_Enable_802.1X_%28Port_Based_Network_Access_Control%29"
Persoonlijke instellingen
Andere talen