A couple of Problems with hostap and 802.1x

Erich Schubert erich at vitavonni.de
Mon Aug 25 09:30:58 EDT 2003


> > Well, that leads to my questions already. ;)
> > - xsupplicant: using the same certificates i can't get it to work. It
> > sends out the user name; on the machine running hostapd i do see the EAP
> > Challenge being sent out, on the client i don't see it coming in with
> > ethereal. I guess that is why xsupplicant doesn't reply. Any ideas?
> 
> Seeing hostapd debug log with at least debug=2 (or -dd in command line)
> level could be helpful to find out what did not work.

I have been running hostapd with -dd, freeradius with -XA and ethereal
in order to get it working. No success yet.

> > - dynamic wep rekeying with EAP-TSL and win2k. Does this work? when i
> > enable rekeying in hostapd authentication fails:
> > wlan0: encryption configured, but RX frame not encrypted (SA=...)
> > i guess that is the reply frame.
> 
> It should work. How did you configure hostapd for this? With both
> broadcast and unicast keys? Does EAP-TLS succeed in this setup or do you
> get that frame drop messages already for an EAPOL packet?

It seems the first EAPOL packet gets through, but nothing more. Maybe
the reply packet isn't arriving correctly. I have a third machine with
WLAN here, Knoppix-based (i'm using to try xsupplicant) but i couldn't
get useful dumps there either.

I tried EAP-TSL with a fixed WEP-Key, but i think i had problems with
that, too. Using WEP without 802.1x was fine though.
I tried at least both multicast and unicast keys enabled (default
values). Is it easier to just try one first?

> > Another question: When 802.11i is finished; are there people working on
> > implementing these for linux already?
> 
> Yes.

Great.

Gruss,
Erich Schubert
-- 
    erich@(mucl.de|debian.org)      --      GPG Key ID: 4B3A135C    (o_
   There was never a good war or a bad peace. - Benjamin Franklin   //\
    Die Freunde nennen sich aufrichtig. Die Feinde sind es: Daher   V_/_
      man ihren Tadel zur Selbsterkenntnis benutzen sollte, als
            eine bittere Arznei.  --- Arthur Schopenhauer



More information about the HostAP mailing list