hostapd authenticates but dhcpd doesn't give out address

Bob Beers bbeers at ieee.org
Fri Jun 18 11:44:49 EDT 2004



Jouni Malinen wrote:

> The wpa_supplicant.conf file you included was configured to use TKIP,
> but hostapd.conf was configured for plaintext with IEEE 802.1X
> authentication this is not going to work.. You should be able to test
> IEEE 802.1X authentication, but once wpa_supplicant start to expect WPA
> key handshake, the AP is not going to be doing it.
> 
Thanks for the reply.

I added some wpa variables to my hostapd.conf:

bash-2.05# cat /etc/hostapd.conf.terse
interface=wlan0
logger_syslog=-1
logger_syslog_level=2
logger_stdout=-1
logger_stdout_level=2
debug=2
dump_file=/tmp/hostapd.dump
daemonize=1
ssid=dugtrio
macaddr_acl=0
auth_algs=1
ieee8021x=1
eap_message=helloBob
eapol_key_index_workaround=0
own_ip_addr=172.16.1.201
auth_server_addr=172.16.1.200
auth_server_port=1812
auth_server_shared_secret=secret
acct_server_addr=172.16.1.200
acct_server_port=1813
acct_server_shared_secret=secret
wpa=1
wpa_key_mgmt=WPA-EAP
wpa_pairwise=TKIP
wpa_group_rekey=600
wpa_gmk_rekey=86400
bash-2.05#

This, I hope, matches up with my wpa_supplicant.conf file:

network={
         ssid="dugtrio"
         proto=WPA
         key_mgmt=WPA-EAP
         pairwise=TKIP
         group=TKIP
         eap=PEAP
         identity="user"
         password="password"
}

If this is still not correct, please give me at least one example set of
  coordinating config files.

And I suppose it is not yet correct because I still can't report success.

==============================================================


On the station ( a laptop with a Linksys pccard )
==============================================================
bash-2.05b# hostname
alakazam
bash-2.05b# hostap_diag wlan0
Host AP driver diagnostics information for 'wlan0'

NICID: id=0x801b v1.0.0 (PRISM III PCMCIA (SST parallel flash))
PRIID: id=0x0015 v1.0.5
STAID: id=0x001f v1.3.4 (station firmware)
bash-2.05b# iwconfig wlan0
wlan0     IEEE 802.11b  ESSID:"dugtrio"
           Mode:Managed  Frequency:2.447GHz  Access Point: 44:44:44:44:44:44
           Bit Rate:11Mb/s   Sensitivity=1/3
           Retry min limit:8   RTS thr:off   Fragment thr:off
           Encryption key:off
           Power Management:off
           Link Quality:28/70  Signal level:-67 dBm  Noise level:-95 dBm
           Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
           Tx excessive retries:0  Invalid misc:2676   Missed beacon:0

bash-2.05b# wpa_supplicant -d -iwlan0 -c/etc/wpa_supplicant.conf
Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf'
Reading configuration file '/etc/wpa_supplicant.conf'
ctrl_interface='/var/run/wpa_supplicant'
eapol_version=1
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
wpa_driver_hostap_set_wpa: enabled=1
ioctl[PRISM2_IOCTL_PRISM2_PARAM]: Operation not supported
Failed to enable WPA in the driver.
bash-2.05b#
==============================================================


  On the AP ( an embedded device with netgear PCI )
===============================================================
bash-2.05# hostname
dugtrio
bash-2.05# hostap_diag wlan0
Host AP driver diagnostics information for 'wlan0'

NICID: id=0x8013 v1.0.0 (PRISM II (2.5) Mini-PCI (SST parallel flash))
PRIID: id=0x0015 v1.1.1
STAID: id=0x001f v1.7.4 (station firmware)
bash-2.05# iwconfig wlan0
wlan0     IEEE 802.11b  ESSID:"dugtrio"
           Mode:Master  Frequency:2.447GHz  Access Point: 00:09:5B:41:10:B4
           Bit Rate:11Mb/s   Sensitivity=1/3
           Retry min limit:8   RTS thr:off   Fragment thr:off
           Encryption key:off
           Power Management:off
           Link Quality:0  Signal level:0  Noise level:0
           Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
           Tx excessive retries:1908  Invalid misc:399696   Missed beacon:0

bash-2.05# cat /etc/hostapd.conf.terse
interface=wlan0
logger_syslog=-1
logger_syslog_level=2
logger_stdout=-1
logger_stdout_level=2
debug=2
dump_file=/tmp/hostapd.dump
daemonize=1
ssid=dugtrio
macaddr_acl=0
auth_algs=1
ieee8021x=1
eap_message=helloBob
eapol_key_index_workaround=0
own_ip_addr=172.16.1.201
auth_server_addr=172.16.1.200
auth_server_port=1812
auth_server_shared_secret=secret
acct_server_addr=172.16.1.200
acct_server_port=1813
acct_server_shared_secret=secret
wpa=1
wpa_key_mgmt=WPA-EAP
wpa_pairwise=TKIP
wpa_group_rekey=600
wpa_gmk_rekey=86400
bash-2.05# hostapd -d /etc/hostapd.conf.terse
Configuration file: /etc/hostapd.conf.terse
Opening raw packet socket for ifindex 15
Using interface wlan0ap with hwaddr 00:09:5b:41:10:b4 and ssid 'dugtrio'
wlan0: RADIUS Authentication server 172.16.1.200:1812
wlan0: RADIUS Accounting server 172.16.1.200:1813
WPA: group state machine entering state GTK_INIT
GMK - hexdump(len=32): d0 18 98 86 e4 69 d8 70 21 60 fa 6b f9 e3 52 bd 09 69 ad 
08 81 27 b6 ce a2 e5 c9 bf 32 6f 6d 04
GTK - hexdump(len=32): e1 77 26 a7 c7 e0 ec bd df c5 d4 13 de b9 dd 6b 23 48 d8 
39 62 6b 63 52 42 64 cf 17 db b3 e5 6d
WPA: group state machine entering state SETKEYSDONE
ioctl[PRISM2_IOCTL_HOSTAPD]: Invalid argument
Failed to set encryption.
Sending RADIUS message to accounting server
RADIUS message: code=4 (Accounting-Request) identifier=0 length=71
    Attribute 40 (Acct-Status-Type) length=6
       Value: 7
    Attribute 45 (Acct-Authentic) length=6
       Value: 1
    Attribute 4 (NAS-IP-Address) length=6
       Value: 172.16.1.201
    Attribute 30 (Called-Station-Id) length=27
       Value: '00-09-5B-41-10-B4:dugtrio'
    Attribute 49 (Acct-Terminate-Cause) length=6
       Value: 11
Flushing old station entries
Deauthenticate all stations
Received 146 bytes management frame
RX frame - hexdump(len=146): 08 00 46 97 b9 47 00 50 c2 0f f2 26 08 00 45 10 00 
84 73 9d 40 00 40 06 6b 13 ac 10 01 c9 ac 10 01 ca 00 16 80 7c 6e 69 01 21 6a dc 
00 7d 80 18 1e e0 80 de 00 00 01 01 08 0a 00 92 be 15 00 76 df 2e cc d2 91 d3 b5 
d8 1c 0d ea 79 e3 bf fc 6c c2 f3 dd d8 30 fd 9f 2e 83 02 64 2e 18 de 94 7d f6 4d 
da c7 6e 7f 27 3d d7 6c 7d 5c 57 a0 c9 a0 f6 80 d1 26 3b 28 9b 51 20 02 e4 a7 dc 
cb 9c 12 aa 1b 27 e5 6d 82 03 d2 5a fa bf 74 39 ad 9c e3 53 9c
DATA
Not ToDS data frame (fc=0x0008)
Received 66 bytes management frame
RX frame - hexdump(len=66): 00 50 c2 0f f2 26 08 00 46 97 b9 47 08 00 45 10 00 
34 96 c6 40 00 40 06 48 3a ac 10 01 ca ac 10 01 c9 80 7c 00 16 6a dc 00 7d 6e 69 
01 71 80 10 76 c8 aa 1f 00 00 01 01 08 0a 00 76 df 3d 00 92 be 15
MGMT
MGMT: BSSID=00:34:96:c6:40:00 not our address
Received 20 bytes from RADIUS server
Received RADIUS message
RADIUS message: code=5 (Accounting-Response) identifier=0 length=20

=============================================================


What next?

-- 
Bob Beers
MIEEE 2415966




More information about the HostAP mailing list