IEEE 802.1X support with Host AP driver

Huei-Ping Chen hueiping at yahoo.com
Sun Oct 20 17:01:11 EDT 2002


Jacques,

great! thanks for the information, I will give it a try
with the linksys card, 

-- Ping

--- Jacques Caron <Jacques.Caron at IPsector.com> wrote:
> Any card NDIS 5.1-compliant drivers will work with XP. You can recognize 
> those by looking at the properties of the card in XP. If you have a 
> "Wireless" tab, it's NDIS 5.1 and you'll get full support (including 
> dynamic keying).
> 
> If you don't have that tab, then I suppose the authentication bit should 
> still work (not sure, actually), but you won't get dynamic keying. As 
> EAP-MD5 doesn't provide session keys anyway, it shouldn't be a problem.
> 
> Important thing: you have to activate "show connection icon in taskbar" or 
> whatever it's called, otherwise you will never get the notifications that 
> you have to enter username/password information. And XP is pretty dumb 
> about it, it doesn't even have an option to save that information... :-(
> 
> Jacques.
> 
> At 05:41 AM 10/18/2002, Huei-Ping Chen wrote:
> >Hi,
> >
> >I would also like to try out hostapd with winXP with MD5,
> >the first thing come to my mind is that, do I need a
> >cisco aironet 350 card ? some document seems to indicate
> >that I need cisco aironet 350.
> >
> >I only have two linksys cards, one goes to hostAP, one
> >goes to winXP, would linksys in winXP do 802.1x ?
> >
> >thanks,
> >
> >-- Ping
> >
> >
> >
> >On Fri, 6 Sep 2002, Jouni Malinen wrote:
> >
> > > On Sun, Sep 01, 2002 at 09:10:10PM +0300, Jouni Malinen wrote:
> > >
> > > > I used only Xsupplicant (from www.open1x.org) in testing. So if anyone
> > > > would be interested in testing hostapd with IEEE 802.1X and WinXP
> > > > Supplicant, I would be interested in hearing whether this works. Even
> > > > the minimal authentication server should provide useful information and
> > > > it should be trivial to setup.
> > >
> > > I have now implemented the needed EAPOL state machines for the .1X
> > > Authenticator in hostapd (few bugs were just fixed in CVS) and I did
> > > some testing with WinXP as the Supplicant and FreeRADIUS as the
> > > Authentication Server.
> > >
> > > EAP/MD5-Challenge seems to work fine both with FreeRADIUS and the
> > > minimal test auth. server included in hostapd. I was able to configure
> > > the user identification and password for FreeRADIUS and use the same
> > > info on WinXP Supplicant to get the port authorized.
> > >
> > > I'm not very familiar with WinXP certificate configuration and EAP/TLS
> > > seemed to miss something in the client side. I was able to add the
> > > trusted root certificate and a client certificate, but WinXP did not
> > > seem to find them when Supplicant needed certificates. Anyway, since the
> > > authenticator PAE and backend authentication state machines are now
> > > fully implemented, I would assume that also EAP/TLS would work with
> > > WinXP--assuming one were able to add suitable certificates for it.
> > >
> > > --
> > > Jouni Malinen PGP id EFC895FA
> > >
> > >
> >
> >
> >
>
>--------------------------------------------------------------------------------
> >
> >
> >__________________________________________________
> >Do you Yahoo!?
> >Faith Hill - Exclusive Performances, Videos & More
> >http://faith.yahoo.com
> >_______________________________________________
> >HostAP mailing list
> >HostAP at shmoo.com
> >http://lists.shmoo.com/mailman/listinfo/hostap
> 
> 
> -- Jacques Caron, IP Sector Technologies
>     Join the discussion on public WLAN open global roaming:
>     http://lists.ipsector.com/listinfo/openroaming
> 


__________________________________________________
Do you Yahoo!?
Y! Web Hosting - Let the expert host your web site
http://webhosting.yahoo.com/



More information about the HostAP mailing list