For WPA support the wpa_supplicant is used. The supplicant in the base system does not support 802.1x or WPA2 by default. This how-to shows how to enable the base wpa_supplicant for 802.1x and configure it.
To enable 802.1x and WPA2 support in the supplicant
# echo ENABLE_WPA_SUPPLICANT_EAPOL=\"YES\" >> /etc/make.confRebuild the wpa_supplicant and tools
# cd /usr/src/usr.sbin/wpa
# make clean
# make
# make installConfigure the wpa_supplicant
Create the /etc/wpa_supplicant.conf file. The following is a copy of the file I use.
ctrl_interface_group=/var/run/wpa_supplicant
ctrl_interface_group=wheel
eapol_version=1
ap_scan=1
fast_reauth=1
network={
ssid="VE6KIK"
scan_mgmt=WPA-PSK
psk="SHARED_KEY"
}
network={
ssid="dot1x"
scan_ssid=1
key_mgmt=WPA-EAP
eap=TTLS
pairwise=TKIP
group=TKIP
identity="EDU\username"
anonymous_identity="EDU\username"
password="password"
phase2="auth=MSCHAPV2"
} Make it work at startup
Edit /etc/rc.conf and modify the ifconfig variable for your network device. My wireless card device is ath0 so the ifconfig variable in my rc.conf file looks like: ifconfig_ath0=”DHCP WPA”
Restart the wireless device.
# /etc/rc.d/netif stop ath0
# /etc/rc.d/netif start ath0