EAP-TLS and wpa_supplicant

wpa at antrina.org wpa at antrina.org
Wed Oct 27 16:39:52 EDT 2004


On Thu, 2004-10-28 at 06:32, wpa at antrina.org wrote:
> On Thu, 2004-10-28 at 06:00, wpa at antrina.org wrote:
> > On Wed, 2004-10-27 at 23:06, Gunter Burchardt wrote:
> > > > Hello,
> > > > 
> > > > I have a DLINK wireless router (DI-624) and freeradius 1.0.1 setup for
> > > > WPA-EAP using TLS and PEAP for authentication. This set up works very
> > > > well for a Broadcom (bcm43xx) wireless mini PCI card and a DLINK
> > > > DWL-G650 pcmcia card on a Inspiron 8600 running on Windows XP.
> > > > 
> > > > On linux I used the Linuxant Driverloader with the same wireless cards
> > > > and wpa_supplicant 0.2.5. I was able to get TLS and PEAP authentication
> > > > working with the wireless router. However, if the wireless network is
> > > > left idle for about 5 minutes, the network will stop working. When the
> > > > network stop working, the output of wpa_supplicant (at the end of this
> > > > email) can be seen.
> > > > 
> > > > If I have a traffic generator (i.e. ping at 15 seconds interval) going,
> > > > the network stays up.
> > > > 
> > > > I am pretty sure that the problem does not lie in DI-624 nor freeradius
> > > > as this setup works with the same wireless devices under windows.
> > > > 
> > > > Any help or suggestions would be much appreciated.
> > > 
> > > It sounds like power save option of the wireless card. Try to disable
> > > it (I don't know how on this card)
> > 
> > That was my original thought but the power saving has been disabled.
> 
> Just to illustrate the point, the wireless router configured for WPA-PSK
> has no such problem.

My theory is that in WPA-EAP, the wireless router is trying to determine
if client is still connected so that it may provide accounting
statistics to the radius server. Wpa_supplicant may not be responding to
the probe.

Regards,
Eric Yeo




More information about the HostAP mailing list