Sure,
I configured radius as follows. My wireless network consists of many AP-Plus's, many AP-1000s, and countless other brands of access points too numerous to mention.
Edit radiusd.conf, configure items necessary for your network. This is how my file is configured:
delete_blocked_requests = no
cleanup_delay = 5
max_requests = 1024
bind_address = 1.2.3.4
port = 1812
hostname_lookups = no
allow_core_dumps = no
regular_expressions = yes
extended_expressions = yes
log_stripped_names = no
log_auth = yes
log_auth_badpass = yes
log_auth_goodpass = yes
usercollide = no <--- Don't want users with duplicate macs on the network
lower_user = no
lower_pass = no
nospace_user = no
nospace_pass = no
Edit clients.conf, add an entry that looks something like this:
EXAMPLE:
client 1.2.3.4{
secret = secret word
shortname = AP's name
nastype = other
}
The secret word is going to be used as the universal password from the AP to the server. The AP must be setup to use the same word as what is put in here, anything else will never work. The AP's name is just for the logs, tells you where the user authenticated at.
Edit users file, add an entry similar to this:
EXAMPLE:
010203-040506 Auth-Type := Local, User-Password == "secret word"
010203-040506 is the mac address of the wireless device to be authenticated. The secret word is the same as what you used in the AP and the clients.conf file.
That should be it. I add users to the user file and restart the radiusd service. Now, if the user has been denied by the AP before they were added to the list, the AP must be rebooted or they will never get authenticated. I have set my AP's to authenticate every 15 minutes, but for some reason, when someone is denied, they are denied till I reboot. Not really a problem for me, but might be for someone else.
HTH