IEEE 802.1X support with Host AP driver
hueiping at yahoo.com
Sun Oct 20 17:01:11 EDT 2002
great! thanks for the information, I will give it a try
with the linksys card,
--- Jacques Caron <Jacques.Caron at IPsector.com> wrote:
> Any card NDIS 5.1-compliant drivers will work with XP. You can recognize
> those by looking at the properties of the card in XP. If you have a
> "Wireless" tab, it's NDIS 5.1 and you'll get full support (including
> dynamic keying).
> If you don't have that tab, then I suppose the authentication bit should
> still work (not sure, actually), but you won't get dynamic keying. As
> EAP-MD5 doesn't provide session keys anyway, it shouldn't be a problem.
> Important thing: you have to activate "show connection icon in taskbar" or
> whatever it's called, otherwise you will never get the notifications that
> you have to enter username/password information. And XP is pretty dumb
> about it, it doesn't even have an option to save that information... :-(
> At 05:41 AM 10/18/2002, Huei-Ping Chen wrote:
> >I would also like to try out hostapd with winXP with MD5,
> >the first thing come to my mind is that, do I need a
> >cisco aironet 350 card ? some document seems to indicate
> >that I need cisco aironet 350.
> >I only have two linksys cards, one goes to hostAP, one
> >goes to winXP, would linksys in winXP do 802.1x ?
> >-- Ping
> >On Fri, 6 Sep 2002, Jouni Malinen wrote:
> > > On Sun, Sep 01, 2002 at 09:10:10PM +0300, Jouni Malinen wrote:
> > >
> > > > I used only Xsupplicant (from www.open1x.org) in testing. So if anyone
> > > > would be interested in testing hostapd with IEEE 802.1X and WinXP
> > > > Supplicant, I would be interested in hearing whether this works. Even
> > > > the minimal authentication server should provide useful information and
> > > > it should be trivial to setup.
> > >
> > > I have now implemented the needed EAPOL state machines for the .1X
> > > Authenticator in hostapd (few bugs were just fixed in CVS) and I did
> > > some testing with WinXP as the Supplicant and FreeRADIUS as the
> > > Authentication Server.
> > >
> > > EAP/MD5-Challenge seems to work fine both with FreeRADIUS and the
> > > minimal test auth. server included in hostapd. I was able to configure
> > > the user identification and password for FreeRADIUS and use the same
> > > info on WinXP Supplicant to get the port authorized.
> > >
> > > I'm not very familiar with WinXP certificate configuration and EAP/TLS
> > > seemed to miss something in the client side. I was able to add the
> > > trusted root certificate and a client certificate, but WinXP did not
> > > seem to find them when Supplicant needed certificates. Anyway, since the
> > > authenticator PAE and backend authentication state machines are now
> > > fully implemented, I would assume that also EAP/TLS would work with
> > > WinXP--assuming one were able to add suitable certificates for it.
> > >
> > > --
> > > Jouni Malinen PGP id EFC895FA
> > >
> > >
> >Do you Yahoo!?
> >Faith Hill - Exclusive Performances, Videos & More
> >HostAP mailing list
> >HostAP at shmoo.com
> -- Jacques Caron, IP Sector Technologies
> Join the discussion on public WLAN open global roaming:
Do you Yahoo!?
Y! Web Hosting - Let the expert host your web site
More information about the HostAP