Have questions? Stuck? Please check our FAQ for some common questions and answers.

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 8 Next »

 

This page describes how to test authentication using the ONOS AAA application and a demo RADIUS server. It uses ONOS and a Mininet network to simulate the client side of the authentication process, and OpenRADIUS to implement the RADIUS server. This description is heavily dependent on the ON.Lab network.

What You Will Need

  • An instance of ONOS to run. The AAA app is packaged as part of ONOS
  • A Mininet instance
  • A FreeRADIUS instance

OpenRadius Setup

Mininet Setup

ONOS Setup

WPA Supplicant Setup

wpa_supplicant configuration
ctrl_interface=/var/run/wpa_supplicant
eapol_version=1
ap_scan=0
fast_reauth=0
network={
        key_mgmt=WPA-EAP
        #eap=TLS
        #eap=MD5
        identity="testuser"
        password="testpassword"
        ca_cert="/etc/cert/cacert.pem"
        client_cert="/etc/cert/client.pem"
        private_key="/etc/cert/client.key"
     	private_key_passwd="whatever"
        eapol_flags=3
}

 

Testing Authentication

h1 sudo wpa_supplicant -Dwired -ih1-eth0 -c/etc/config/wpa_supplicant.conf

 

Useful Debugging Tools

tcpdump command
sudo tcpdump -vvv -X -n -i eth1

 

 

  • No labels