===== 802.1X Authentication Tutorial =====
**__Install CENTOS 7__**
su -
yum update -y
yum install screen.x86_64 -y
screen
**__Install MySQL__**
yum install wget -y
wget https://dev.mysql.com/get/mysql57-community-release-el7-9.noarch.rpm
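rpm mysql57-community-release-el7-9.noarch.rpm -i #(note: check the downloaded file against the checksum or signature published on the MySQL download page before installing it)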
yum repolist enabled | grep "mysql.*-community.*"
yum update -y
yum install mysql-community-server -y
systemctl start mysqld
systemctl status mysqld
grep 'temporary password' /var/log/mysqld.log #(note: the password may be preceded by ::, so include those characters when you type it)
mysql -uroot -p
ALTER USER 'root'@'localhost' IDENTIFIED BY 'MyNewPass4!'; #(note: replace MyNewPass4! with your password)
CREATE DATABASE radius;
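GRANT ALL PRIVILEGES ON radius.* TO vPC66@localhost IDENTIFIED BY "P@ssw0rd!8@"; #(note: replace vPC66 and P@ssw0rd!8@ with your own account name and password, and do not reuse this password as the RADIUS shared key on the switch; outside a lab, consider granting only the privileges the RADIUS server needs instead of ALL)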
flush privileges;
use radius;
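#(note: schema.sql is provided by the freeradius-mysql package from the "Install FreeRadius" section below, so that package must be installed before this step will work)
SOURCE /etc/raddb/mods-config/sql/main/mysql/schema.sql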
exit
**__Install FreeRadius__**
yum -y install freeradius.x86_64 freeradius-mysql.x86_64 freeradius-utils.x86_64
**__Configure the RADIUS server__**
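vi /etc/raddb/users #(note: add the line below; it is a test-only account with a cleartext password, so remove it once testing is done)
tim Cleartext-Password := "testing"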
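radiusd -X #(note: runs the server in the foreground in debug mode, so run radtest from another terminal or screen window; the debug output shows user passwords, so use it for testing only)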
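radtest tim 'testing' localhost 10 testing123 #(note: testing123 is the default shared secret for the localhost client in clients.conf; change it before the server leaves the lab)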
Output:
Sending Access-Request Id 216 from 0.0.0.0:54510 to 127.0.0.1:1812
User-Name = 'tim'
User-Password = 'testing'
NAS-IP-Address = 192.168.1.66
NAS-Port = 10
Message-Authenticator = 0x00
Received Access-Accept Id 216 from 127.0.0.1:1812 to 127.0.0.1:54510 length 20
**__Switch configuration__**
en
conf t
no ip domain-lookup
hostname LabCSw25
line con 0
logg syn
! (note: no exec-timeout keeps the console session logged in indefinitely; lab convenience only)
no exec-timeout
ip routing
aaa new-model
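! (note: tim/testing is a sample account; set a strong secret of your own on a real switch)
username tim secret testing
! (note: the key must match the shared secret configured for this switch in /etc/raddb/clients.conf on the RADIUS server; use your own value, not the database password)
radius-server host 10.0.0.66 auth-port 1812 acct-port 1813 key P@ssw0rd!8@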
aaa authentication dot1x default group radius
dot1x system-auth-control
interface g1/0/2
switchport mode access
dot1x port-control auto