noahwilliamsson · November 5, 2015 22:48
diff --git a/hostapd.conf b/hostapd.conf
 interface=wlan0

 # --------------------------------------
 bss=wlan1
 ssid=EAP
 # IEEE 802.11 specifies two authentication algorithms. hostapd can be
 # configured to allow both of these or only one. Open system authentication
 # should be used with IEEE 802.1X.
 # Bit fields of allowed authentication algorithms:
 # bit 0 = Open System Authentication
 # bit 1 = Shared Key Authentication (requires WEP)
 auth_algs=3
 wpa=3
 wpa_key_mgmt=WPA-EAP
 # Require IEEE 802.1X authorization
 ieee8021x=1
 eapol_version=2
 eap_message=ping-from-hostapd
 eap_server=1
 ca_cert=/etc/hostapd/hostapd.ca.pem
 dh_file=/etc/hostapd/hostapd.dh.pem
 server_cert=/etc/hostapd/hostapd.cert.pem
 private_key=/etc/hostapd/hostapd.key.pem
 eap_user_file=/etc/hostapd/hostapd.eap_user
 # Logging
 logger_syslog=-1
 logger_syslog_level=0
diff --git a/hostapd.eap_user b/hostapd.eap_user
 # Based on the example from
 # http://rpc.one.pl/pliki/openwrt/backfire/10.03.x/atheros/hostapd/dokumentacja/hostapd.eap_user

 # Outer (phase 1) identities
 # Wildcard for all other identities
 "peap"  PEAP
 "ttls"          TTLS
 *               PEAP,TTLS,TLS,SIM,AKA

 # Phase 2 (tunnelled within EAP-PEAP or EAP-TTLS) users
 "md5"           MD5     "p"     [2]
 "chap"  MSCHAPV2        "p"     [2]
 #"t-gtc"                GTC     "p"     [2]
 "peap"  MSCHAPV2        "p"     [2]
 "user"          MD5,GTC,MSCHAPV2        "p"     [2]
 "ttls"  TTLS-PAP,TTLS-CHAP,TTLS-MSCHAP,TTLS-MSCHAPV2    "p"     [2]
	interface=wlan0

	# --------------------------------------
	bss=wlan1
	ssid=EAP
	# IEEE 802.11 specifies two authentication algorithms. hostapd can be
	# configured to allow both of these or only one. Open system authentication
	# should be used with IEEE 802.1X.
	# Bit fields of allowed authentication algorithms:
	# bit 0 = Open System Authentication
	# bit 1 = Shared Key Authentication (requires WEP)
	auth_algs=3
	wpa=3
	wpa_key_mgmt=WPA-EAP
	# Require IEEE 802.1X authorization
	ieee8021x=1
	eapol_version=2
	eap_message=ping-from-hostapd
	eap_server=1
	ca_cert=/etc/hostapd/hostapd.ca.pem
	dh_file=/etc/hostapd/hostapd.dh.pem
	server_cert=/etc/hostapd/hostapd.cert.pem
	private_key=/etc/hostapd/hostapd.key.pem
	eap_user_file=/etc/hostapd/hostapd.eap_user
	# Logging
	logger_syslog=-1
	logger_syslog_level=0
	# Based on the example from
	# http://rpc.one.pl/pliki/openwrt/backfire/10.03.x/atheros/hostapd/dokumentacja/hostapd.eap_user

	# Outer (phase 1) identities
	# Wildcard for all other identities
	"peap" PEAP
	"ttls" TTLS
	* PEAP,TTLS,TLS,SIM,AKA

	# Phase 2 (tunnelled within EAP-PEAP or EAP-TTLS) users
	"md5" MD5 "p" [2]
	"chap" MSCHAPV2 "p" [2]
	#"t-gtc" GTC "p" [2]
	"peap" MSCHAPV2 "p" [2]
	"user" MD5,GTC,MSCHAPV2 "p" [2]
	"ttls" TTLS-PAP,TTLS-CHAP,TTLS-MSCHAP,TTLS-MSCHAPV2 "p" [2]