Broadcast works, unicast doesn't

Philip M. White pmw at qnan.org
Sat Dec 10 14:31:31 EST 2005


For the past several weeks I've been researching equipment and ways of
getting on my university's newly-802.1x-protected wireless network.

I run Linux 2.6, have a Netgear WG511T PCMCIA network card which has an
Atheros chipset for which I use the madwifi-ng (latest from Subversion)
driver, and the latest version of wpa_supplicant.

The network uses PEAP/MSCHAPv2 authentication with key_mgmt=IEEE8021X.

When I connect, everything appears to work: I am authenticated,
wpa_supplicant receives and sets three keys, and I am able to request
and receive a DHCP lease.  The university's network administrators
confirm that I authenticated and received a valid lease.  Additionally,
I am able to see all broadcast traffic.

The problem is that I am unable to do anything that requires unicast
traffic: I cannot ping the gateway, I cannot be pinged by other hosts,
and other hosts cannot see my ICMP echo requests.  (This problem is not
restricted to ICMP, naturally.  Nothing else works either.)

The output of `iwlist ath0 key` displays three valid-looking 40-bit keys
in slots [2], [3], and [4].  Slot [1] is "off".  The default transmit
key is [4].  Trying to use any other transmit key through changing
iwconfig does not improve the situation.

On the other hand, my job uses the same 802.1x wireless setup as my
university, and the same client hardware and software combination is
able to authenticate and communicate flawlessly.  The only difference
that I've been able to see is that the output of `iwlist ath0 key` at
work shows something like:
[1]: 1111-1111-1111-1111-1111-1111-11 (104 bits)
[2]: off
[3]: off
[4]: {a valid-looking key} (104 bits)
...and like I said, everything works beautifully at work.

A friend of mine who is able to use my university's network on Linux
with an ipw2200 chipset has the same key arrangement (1-off, 2,3,4 are
40-bit), but his "mode" is "open" while my mode is "restricted".
Changing my own mode to "open" does not result in any improvement.

As another reference point, my network card is able to use my
university's network when the laptop is running Windows XP.

So, my friend and I are puzzled about what's going on.  The most likely
suspect that we can see is madwifi-ng.

What do you think?  Is there anything else I can try?

-- 
Philip
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.shmoo.com/pipermail/hostap/attachments/20051210/3a013ccc/attachment.pgp 


More information about the HostAP mailing list