Skip to main content
All CollectionsAgent Management
Agent Configuration - Hardware sensors - Enable 802.1x on Ethernet Interface
Agent Configuration - Hardware sensors - Enable 802.1x on Ethernet Interface
Panickos Neophytou avatar
Written by Panickos Neophytou
Updated over 3 weeks ago

Introduced in version 13.0.1, the creation of a wired 802.1X profile is supported. It is important to note that only wireless agents with a wired interface can support the new profile. In order to create the wired 802.1X profile, the process is as follows:

  1. From the WIFI tab, click Add WiFi Network

  2. Configure the profile for the 802.1X authentication

  3. For the SSID, the field cannot be blank and it must end with "_dot1xwired". The rest of the SSID is used as a placeholder.

  4. Press Save and Continue, and select the agent(s) to assign to the profile

Note: If the agent has been previously assigned to a wireless profile, the agent must be re-assigned to the wireless profile after assigning it to the wired 802.1X profile. By re-assigning the agent to the wireless profile, the wireless stats will continue to be reported on the dashboard.

Unfortunately, support for removing the wired 802.1X profile from the agent is not currently supported from the WIFI tab. In order to remove the wired 802.1X profile from the agent, there are three different options:

  1. If the user has credentials for root access, remove the profile using the interactive GUI console for the agent(s) with the wired 802.1X profile assigned. Use these steps:

    su
    mount remount,rw /
    sed -i '/env 802dot1x=1/d' /etc/dhcpcd.conf
    # replace <wired_ifname> with the wired interface name
    rm /etc/wpa_supplicant/wpa_supplicant-<wired_ifname>.conf 
    wpa_cli terminate -i<wired_ifname>

  2. Reset to DHCP for the agent(s) with the wired 802.1X profile assigned using the guide. Note: this will also reset the wireless interface as well.

  3. Factory reset the agent(s) with the wired 802.1X profile assigned using the guide. Note: this will also reset all configurations on the agent.

802.1X authentication manually on the agent

On networks that use the 802.1X standard for device authentication, it may be necessary to authenticate wired Agents to the network. The 802.1X authentication procedure is described in the following steps:

mceclip0.png

      1. From the Agent View, select the Agent you would like to authenticate.

      2. Go to the Agent's Console Tab from the Agent Details.

      3. Gain root access:

        su

      4. Set the Agent's root partition to read-write:

        mount -o remount,rw /

      5. Use the following command to create a supplication WPA configuration file for the Agent's Ethernet interface:

        nano /etc/wpa_supplicant/wpa_supplicant_wired.conf

      6. Within the file, edit the configuration based on the required authentication type:

        ctrl_interface=DIR=/var/run/wpa_supplicant
update_config=1
        #id:21
        #version:1527003044000
        network=
        {
             key_mgmt=IEEE8021X
             eap=PEAP
              identity="me@example.com"
              anonymous_identity="anonymous@htw-berlin.de"
              password="password"
              ca_cert=""
              phase2="auth=MSCHAPV2"
              eapol_flags=0
              priority=10
        }

      7. Update the /etc/network/interfaces file and add the pre-up statement under the interface eth0 statement:

        auto eth0
        iface eth0 inet dhcp
          pre-up wpa_supplicant -B -Dwired -t -i eth0 -c/etc/wpa_supplicant/wpa_supplicant_wired.conf -f    /var/log/netbeez/wpa_supplicant_wired.log
Related Articles
Agent View: Agent Details
Agent Configuration - Convert Agent from Wired to Wireless
Agent Configuration - Convert Agent from Wireless to Wired
Agent Configuration - Interface Management
Wired Tests on WiFi Sensors
Did this answer your question?