802.1x auth with wpa_supp? - authenticated!
mstuff at pl.net
Tue Oct 5 05:48:29 EDT 2004
I'd like to say thank you to everybody on this list who's had the
pleasure of following my (gradual) learning curve - I suspect it might
have been more exhausting for the rest of you than me!
Jouni, a huge thankyou; I'm amazed by the enormous amount of
correspondence you manage to keep up - including for a complete novice.
For those who have the pleasure of following this thread in my
footsteps, I posted to the wrong fork a couple of messages back, so this
(now on the right thread) is actualy a response to:
Now for dhcp...
Jouni Malinen wrote:
> On Mon, Oct 04, 2004 at 11:26:37PM +1300, Morgan Read wrote:
>>Is anybody able confirm that the final but one line in the attached file
>>(AUTHENTICATED.txt) means what is says, ie I've succeeded in
>>authenticating against the server? And, consequently problems with
>>getting an IP are with dhcp and dhclient and not wpa_supplicant (see
> The debug log from wpa_supplicant seemed to indeed show a successful
>>Is it possible to set up wpa_supplicant to run dhclient automatically
>>once authentication is complete?
> Not at the moment. There has been some discussion on adding that,
> though. Another option would be to use wpa_cli to check the status of
> the connection from an external script and delay DHCP client starting
> until the authentication has been completed.
>>Also, I've assumed the WPA responses "EAPOL frame too short" (last line
>>etc) are irrelevant as I'm not using wpa but 802.1x?
> Yes, that is fine. WPA part of wpa_supplicant is just reporting that it
> is ignoring the packet.
>>Resolved earlier ssl private_key errors by commenting out private_key in
>>the conf file - so, private_key not necessary; wpa_supplicant seems to
>>do this internally. wpa-supplicant.conf attached fyi.
> wpa_supplicant doesn't do "this" internally. EAP-PEAP does not require
> client certificate/key at all for TLS.. The configuration file you use
> looks valid for EAP-PEAP/MSCHAPv2.
More information about the HostAP