I’ve had my Linksys wireless router for a while, and never really though much about security on it beyond a 128 bit WEP key, but while playing around in the setup screens, upgrading firmware, etc. I noticed now I have the option for WPA-Radius…

With my curiosity peaked, 2 FreeBSD boxes sitting around not doing much, and some free time I managed to get radiusd installed, configured it with a single client (my AP’s IP) and setup 2 users with the same login passwords Jamie and I use on our laptops. So regardless who is logged into which laptop, it will pass our login credentials via PEAP over an encrypted connection to request access from the AP.

After some mindless struggling I realized I needed to open the ports on the freebsd firewall for the access point’s IP to allow it to contact radiusd Otherwise, it was fairly easy to setup – and I feel better about my wireless security now than before. If nothing more than to have a log of any failed login attempts. Besides, with a little more firewall tweaking and routing via one of my static IP’s, I could configure my Mom’s AP in California to work the same way, authenticating over the internet to my radius server…. not that I’m going to do it, that would be overkill and annoying to her if she can’t get on the internet because my server is down. Still a cool idea tho’ ehehe.