Personal-level authentication and Enterprise-level authentication

WPA is designed to have the following authentication methods:

This section is about the Enterprise-level authentication.

The Enterprise-level authentication methods that have been selected for use within the Wi-Fi certification body are:

The io-pkt manager supports all the above, except for EAP-SIM. Certificates are placed in /etc/cert/user.pem, and CA certificates in /etc/cert/root.pem. The following example is the network definition for wpa_supplicant for each of the above Enterprise-level authentication methods:

ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=0
update_config=1

# 3.1.2 linksys -- WEP
network={
    ssid="linksys"
    key_mgmt=NONE
    wep_key0="LINKSYSWEPKEY"
}


# 3.1.3 linksys -- WPA
network={
    ssid="linksys"
    key_mgmt=WPA-PSK
    psk="LINKSYSWPAKEY"
}

# 3.1.4 linksys -- WPA2
network={
    ssid="linksys"
    proto=RSN
    key_mgmt=WPA-PSK
    psk="LINKSYS_RSN_KEY"
}

# 3.1.5.1 linksys -- EAP-TLS
network={
   ssid="linksys"
   key_mgmt=WPA-EAP
   eap=TLS
   identity="client1"
   ca_cert="/etc/cert/root.pem"
   client_cert="/etc/cert/client1.pem"
   private_key="/etc/cert/client1.pem"
   private_key_passwd="wzhang"
}


# 3.1.5.2 linksys -- PEAPv1/EAP-GTC
network={
   ssid="linksys"
   key_mgmt=WPA-EAP
   eap=PEAP
   identity="client1"
   password="wzhang"
   ca_cert="/etc/cert/root.pem"
   phase1="peaplabel=0"
   phase2="autheap=GTC"
}

# 3.1.5.3 linksys -- EAP-TTLS/MSCHAPv2
network={
   ssid="linksys"
   key_mgmt=WPA-EAP
   eap=TTLS
   identity="client1"
   password="wzhang"
   ca_cert="/etc/cert/root.pem"
   phase2="autheap=MSCHAPV2"
}

# 3.1.5.4 linksys -- PEAPv1/EAP-MSCHAPV2
network={
   ssid="linksys"
   key_mgmt=WPA-EAP
   eap=PEAP
   identity="client1"
   password="wzhang"
   ca_cert="/etc/cert/root.pem"
   phase1="peaplabel=0"
   phase2="auth=MSCHAPV2"
}

Run wpa_supplicant as follows:

wpa_supplicant -i if_name -c full_path_to_your_config_file

to pick up the configuration file and get the supplicant to perform the required authentication to get access to the Wi-Fi network.