HostAP + WEP rekeying + hostapd.conf

Oleg Izhvanov OIzhvanov at rfmd.com
Wed Mar 19 14:21:37 EST 2003


Israel Cardenas Romero wrote:

>>Israel Cardenas Romero wrote:
>>
>>>i'm using HostAP and 802.1x executing this command:
>>>
>>>
> 
> hostapd -x -o192.168.49.222 -a192.168.49.222 -ssecret_pass -SSecureAP -b5 -i
> 
>>>5 wlan0 &
>>>
>>>It's running OK using FreeRADIUS in the same machine, with EAP-TLS
>>>authentication
>>>I've two questions:
>>>
>>>1. I've read about a 'hostapd.conf' file, but I don't know this file'
>>>structure. Where can I find it ? I want to configure rekeying time and I
>>>don't know how to do it in the command line...
>>
>>The contents of this file is self-descriptory.
>>
> 
> 
> But, where is this file? I have not it, and I have not found any
> description...

This file is in hostap/hostapd subdirectory of the current CVS version.

> 
>>>2. Is there any method to use EAP-TLS without client certification,
> 
> using
> 
>>>something like 'login/password' ?
>>
>>No. EAP-TLS is the protocol based on certificates. If you want to use
>>'login/password' authentintication consider using EAP-LEAP. It is
>>is supported in the current CVS version of FreeRADIUS server.
>>
> 
> 
> But LEAP is only for Cisco hardware, isn´t it? I need to use another clients
> ...

Afaik, in the current moment you cannot use any of the EAP protocols
except EAP/TLS for 802.1X authentication. Of course this means that you
use native WinXP 802.1X supplicant. I know that there are several 802.1x
supplicants supporting other schemes, such as EAP/OTP, EAP/PEAP, EAP/MD5
etc., but you will have to have both RADIUS server and 802.1X supplicant
supporting one of this schemes.

-- 
BR, Oleg Izhvanov <oleg.izhvanov at rfmd.com>




More information about the HostAP mailing list