I’ve setup WPA2 Enterprise for my home wireless network in an effort to thwart any wannabe hackers in my neighborhood. I used to be one of those curious kids with too much time on my hands war driving and hacking away at WEP. While WPA is probably secure enough for most people….I’m not most people 😉
I’m using a PFSense firewall for the Radius Server and SSL Cert Store and have paired that with a Ubiquiti UAP-AC-PRO which tunnels the wifi authentication requests to the Radius server. I’ve also got my wifi printer setup to use the RADIUS server for authentication so there is another avenue of attack eliminated. All my neighbors have their printers broadcasting a SSID….I’m sure many of them have vulnerabilities that never get fixed.
It all works very well until your CMOS battery dies and then your certs mysteriously go bad whenever your power goes out (bad dates on the certs). I fought this battle for a month until I figured the issue out. It happened while I was still new to the technology, but it’s a lesson I will NEVER forget.
Anyway, at some point I will post a detailed how to when I find some time in case anyone is curious.