This $2.50 (Aus) tool from the app store will help you to configure RADIUS (technically FreeRADIUS) that is included with for Yosemite.

RADIUS, just like LDAP, is an open standard for authenticating users to a central database. You could potentially make your WiFi much more secure by implementing 802.11x which leverages RADIUS to auth back to your directory server. This means that you don’t have to worry about everyone using the same password to access WiFi…….

Here’s how to configure it

Third checkbox from the top!

Third checkbox from the top!

First of all, you need to turn on ‘Allow Remote Administration Using Server’. This is in Remote Administration Using Server

This allows the tool to connect to the using port 311, Apple’s traditional admin port. While you’re in there, go to the ‘Certificates’ section and make sure you have a valid cert, and that it appears to be working. If you are having cert issues, please read this Apple article.

Next, open Admin Tool Radius, and it will ask you for your server login. If this works correctly you should then see a pop up list of your certificates and you can select the appropriate one. Under ‘Archive logs every x days’ make a decision about how interested you are in these logs and stick a number in.

Screen Shot 2015-08-12 at 3.31.51 pm

Now, ‘Network Access Server’ refers to the wifi devices that will be handling the login credentials. Click the + symbol to add a new one, and fill in the details for

1. Device name
2. IP address
3. Type (usually ‘other’)
4. Secret (this is the ‘shared secret’)
5. Confirm Secret (yep, same again to prevent errors)

Once all of that data is in, click ‘Save’ then ‘On’

You should immediately be able to configure your Wifi device to auth using this server. For an Apple Airport, open Airport Utility, click ‘Edit’ to change the configuration, select ‘Wireless’, set ‘Wireless Security’ to ‘WPA2 Enterprise’ and click ‘Configure RDIUS’ where you will put in all of the same details you just added to the server. After an update your devices should be able to use the wireless network by authenticating to your server. Pretty cool huh?

Huge thanks to Yoann Gini for making this tool.