Difference between revisions of "Eduroam Basics"
| Line 11: | Line 11: | ||
== Workshop Contents == | == Workshop Contents == | ||
| − | |||
* Presentation Slides (to be added) | * Presentation Slides (to be added) | ||
| − | |||
| − | + | === Lab Plan === | |
| + | Identity Provider | ||
| + | * Install Ubuntu 18.04 server | ||
| + | ** Update Ubuntu | ||
| + | ** Install freeRADIUS | ||
| + | ** Configure freeRADIUS | ||
| + | ** Testing | ||
| + | |||
| + | Service Provider | ||
| + | * Configure WiFi AP | ||
| + | * Configure Certificates for WPA2 Enterprise | ||
| + | * Configure WiFi - uni1, uni2, uni3, uni4
(For lab use only)
| ||
| + | * Testing | ||
| + | ** Check IDP (Local university login) | ||
| + | ** Configure Peering | ||
| + | ** Check peering | ||
| + | |||
| + | Note: SSIDs should be lowercase "eduroam" for the production deployment. In the Labs, for easier troubleshooting we are using different SSIDs. | ||
| + | |||
| + | === System Preparation === | ||
| + | Four VPSes with freshly installed Ubuntu 18.04 LTS Server is provided to participants divided into four groups or two to four participants. The participants are expected to use their Laptop and ssh client to connect to their assigned VPS and follow the lab instructions. | ||
| + | |||
| + | === freeRADIUS configuration === | ||
| + | * freeRADIUS configurations Follow [[Eduroam Configuration]] for basic setup and configuration lab | ||
| + | |||
| + | === Testing tools === | ||
| + | * Download eapol_test tool from [https://eduroam.org.np/eapol_test-ubuntu1804.tar] | ||
| + | * Untar the tool | ||
| + | cd | ||
| + | mkdir eapol_test | ||
| + | curl -O https://eduroam.org.np/eapol_test-ubuntu1804.tar | ||
| + | untar eapol_test-ubuntu1804.tar | ||
| + | sudo cp eapol_test /usr/local/bin | ||
| + | |||
| + | Run Tests and watch for response | ||
| + | $ eapol_test -c eap-ttls.conf -s testing123 | ||
| + | |||
| + | $ eapol_test -c peap-mschapv2.conf -s testing123 | ||
| + | |||
| + | Run tests with incorrect password | ||
| + | $ eapol_test -c eap-ttls-invalid.conf -s testing123 | ||
| + | |||
| + | $ eapol_test -c peap-mschapv2-invalid.conf -s testing123 | ||
| + | |||
| + | Documentation is in progress. Check back again for more/updated contents. | ||
[[Category:Workshop]] | [[Category:Workshop]] | ||
Revision as of 17:39, 1 January 2019
Workshop Info
This is an introductory workshop for eduroam. After the completion of the workshops, participants are expected to be able to configure WiFi APs for 802.1X authentication, configure freeradius server with database and LDAP user databases, peer with .np FLR and fully implement eduroam at their institution.
- Venue: NREN Secretariat, Conference Hall
- Time: 13:00 to 17:00
- Dates:
- eduroam Basics 01 - 2018-12-31
- eduroam Basics 02 - TBD (Tentative Jan 2nd week)
- eduroam Basics 03 - TBD (Tentative Jan last week)
- eduroam Basics 04 - TBD (Tentative Feb 2nd week)
Workshop Contents
- Presentation Slides (to be added)
Lab Plan
Identity Provider
- Install Ubuntu 18.04 server
- Update Ubuntu
- Install freeRADIUS
- Configure freeRADIUS
- Testing
Service Provider
- Configure WiFi AP
- Configure Certificates for WPA2 Enterprise
- Configure WiFi - uni1, uni2, uni3, uni4 (For lab use only)
- Testing
- Check IDP (Local university login)
- Configure Peering
- Check peering
Note: SSIDs should be lowercase "eduroam" for the production deployment. In the Labs, for easier troubleshooting we are using different SSIDs.
System Preparation
Four VPSes with freshly installed Ubuntu 18.04 LTS Server is provided to participants divided into four groups or two to four participants. The participants are expected to use their Laptop and ssh client to connect to their assigned VPS and follow the lab instructions.
freeRADIUS configuration
- freeRADIUS configurations Follow Eduroam Configuration for basic setup and configuration lab
Testing tools
- Download eapol_test tool from [1]
- Untar the tool
cd mkdir eapol_test curl -O https://eduroam.org.np/eapol_test-ubuntu1804.tar untar eapol_test-ubuntu1804.tar sudo cp eapol_test /usr/local/bin
Run Tests and watch for response
$ eapol_test -c eap-ttls.conf -s testing123 $ eapol_test -c peap-mschapv2.conf -s testing123
Run tests with incorrect password
$ eapol_test -c eap-ttls-invalid.conf -s testing123 $ eapol_test -c peap-mschapv2-invalid.conf -s testing123
Documentation is in progress. Check back again for more/updated contents.
