Even more information...

Jouni Malinen jkmaline at cc.hut.fi
Tue Sep 2 23:35:25 EDT 2003 

On Tue, Sep 02, 2003 at 12:58:00PM -0400, Kyle Rose wrote:

> hostapd is configured for broadcast WEP mode (good enough for what I'm
> trying to do), and the clients are each using the hostap driver.  This
> configuration works reasonably well: about 30% of the time, hostapd
> refuses to contact the RADIUS server for some reason, but I can debug
> that later.  The point is that negotiation seems to work most of the
> time, and it occasionally renegotiates the WEP key, so I'm assuming
> it's somewhat secure.

Please send some more debug logs etc. if the problems with RADIUS server
continue.

> So, I still have two Orinoco Gold cards that refuse to talk with the
> AP in broadcast WEP mode.  If I set them up with a fake key (e.g.,
> 01010101010101010101010101), then one of them will negotiate a WEP key
> with the AP, until another client somewhere appears, whereupon neither
> will be able to talk.  (I think I mentioned this in my last email.)
> The two cards are at firmware revisions 7.52 and 8.10.

I have only used 4.something and 6.0x firmware with Lucent cards in
Linux, so I cannot confirm whether those cards work in this kind of
setup or not. I have seen issues of clients not even trying to
authenticate with the AP if the encryption configuration does not match,
so adding a fake key is probably caused by this kind of feature.

> Any clues?  I'd rather not have to consider these cards incompatible
> with my network.  I'm pretty sure it's an Orinoco problem because they
> don't work in RADIUS WEP mode with a solid-state AP, either, but I
> figured if anyone would have experience with this, those people would
> be here.  I suppose I could complain to Agere, but it's unclear how
> much of an effect that would have.

I have only tested Lucent cards with WinXP and Microsoft IEEE 802.1X
Supplicant. In that kind of setup they work very well when generating
both broadcast and unicast WEP keys dynamically. With Linux, I have been
mostly using Host AP driver in client mode with a Prism2 card when
testing IEEE 802.1X.

-- 
Jouni Malinen                                            PGP id EFC895FA

More information about the HostAP mailing list