Changing a Linux box into an 802.1x AP

By On May 12, 2010 ·
email

802.1x is is an IEEE standard for port based network access control. It provides an authentication mechanism for devices wishing to connect to a LAN or WLAN at layer 2, or the networking layer. Consumer devices typically do not offer the standard, possible reasons for this include the complexity of configuration.

Using Linux and hostapd however, it is possible to build an access point that does offer 802.1x functionality. For this to work, a supported network adapter needs to be used. In this article I will document how to build an 802.1x capable access point (WLAN), while a next article may demonstrate how to use 802.1x on a wired LAN.

Required Hardware

To provide access point functionality the so called ‘master mode’ needs to be supported on the Linux device driver for the network card. I purchased a TP-Link TL-WN951N PCI card for this purpose. This card has an Atheros chipset that’s recognized by Linux’ ath9k driver in the current (2.6.32-5, Debian Sid) kernel.

Software and Drivers

To get the card to behave like a basic access point, we first need to load the ath9k driver. On Debian Sid kernels (and probably most other kernels) this happens automatically. The oldest supported kernel according to Linux Wireless is 2.6.32. The dmesg output shows:

[    6.636267] ath9k 0000:09:01.0: PCI INT A -> GSI 17 (level, low) -> IRQ 17
[    7.065708] ath: EEPROM regdomain: 0x809c
[    7.065709] ath: EEPROM indicates we should expect a country code
[    7.065711] ath: doing EEPROM country->regdmn map search
[    7.065712] ath: country maps to regdmn code: 0x52
[    7.065713] ath: Country alpha2 being used: CN
[    7.065714] ath: Regpair used: 0x52
[    7.118038] phy0: Selected rate control algorithm 'ath9k_rate_control'
[    7.118473] cfg80211: Calling CRDA for country: CN
[    7.118494] Registered led device: ath9k-phy0::radio
[    7.118504] Registered led device: ath9k-phy0::assoc
[    7.118513] Registered led device: ath9k-phy0::tx
[    7.118522] Registered led device: ath9k-phy0::rx
[    7.118527] phy0: Atheros AR5416 MAC/BB Rev:2 AR2133 RF Rev:81: mem=0xffffc900057a0000, irq=17
 
If you enjoyed this article, please consider sharing it!

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Set your Twitter account name in your settings to use the TwitterBar Section.