Child pages
  • 802.1X secured wifi installation

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


Add to /etc/shorewall/rules (replace IP addresses with actual IP address of wifi routers):

Code Block
# At the top of the file:
# Allow the server and NASes to talk RADIUS and HTTP (web interface)
ACCEPT          wifi:,,                $FW                                             tcp     -       80
ACCEPT          $FW                                                     wifi:,,        tcp     80      -
ACCEPT          wifi:,,                $FW                                             udp     1812    -
ACCEPT          $FW                                                     wifi:,,        udp     -       1812
# But, reject anything else to and from any other device part of the network that is not part of any dynamic zone
REJECT          wifi                                                    all                                             -       -       -
REJECT          all                                                     wifi                                            -       -       -

# At the end of the file:
ACCEPT:INFO(uid)        wifi:,,        $FW             udp    1812