A couple of Problems with hostap and 802.1x

Erich Schubert erich at vitavonni.de
Tue Aug 26 03:40:13 EDT 2003

> > - dynamic wep rekeying with EAP-TSL and win2k. Does this work? when i
> > enable rekeying in hostapd authentication fails:
> > wlan0: encryption configured, but RX frame not encrypted (SA=...)
> > i guess that is the reply frame.
> It should work. How did you configure hostapd for this? With both
> broadcast and unicast keys? Does EAP-TLS succeed in this setup or do you
> get that frame drop messages already for an EAPOL packet?

Seems like using

my win2k test client was assigned a 13 byte key.
But it doesn't change after 60 seconds.
AND the win2k seems to transmit unencrypted:
kernel: wlan0: encryption configured, but RX frame not encrypted (SA=

when i run
  hostap_crypt_conf wlan0 <station MAC> NULL
transmission works.

Manually setting the broadcast TX key and station TX key on the server
as well as the (only?) TX key on the Win2K client to the same value on
resulted in a successful 802.1x re-authentication and successful
connection. Can this be card-depending on Win2K?
Since i'm a linux-only guy myself i don't know too much about Windows...
i have read in the howtos that WinXP seems to have the configuration
unified, whereas Win2k seems to have this done by the card driver.

Erich Schubert
      erich@(mucl.de|debian.org)      --      GPG Key ID: 4B3A135C     (o_
 A man doesn't know what he knows until he knows what he doesn't know. //\
 Mancher findet sein Herz nicht eher, als bis er seinen Kopf verliert. V_/_

More information about the HostAP mailing list