Xsupplicant -> wpa_supplicant

Jouni Malinen jkmaline at cc.hut.fi
Sun Dec 11 13:43:18 EST 2005


On Sun, Dec 11, 2005 at 06:54:55PM +0100, Aasmund Grammeltvedt wrote:

> Now, how does that translate to wpa_supplicant.conf? I have tried some
> configurations, but whatever I do, wpa_supplicant doesn't seem to do
> anything when it receives the initial EAP frame:
> 
> $ wpa_supplicant -c /etc/wpa_supplicant.conf -i eth1 -dd -D wired

You need to add global ap_scan=0 (i.e., outside the network block) line
into wpa_supplicant.conf when using -Dwired.

> RX EAPOL from 00:0d:ed:af:11:a5
> RX EAPOL - hexdump(len=46): 01 00 00 05 01 52 00 05 01 00 00 00 00 00 00
> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> 00 00 00 00 00 00 00
> EAPOL: Received EAP-Packet frame
> 
> And so on for each initial frame it receives. Something must be weong,
> but wpa_supplicant doesn't seem inclined to share.

wpa_supplicant needs to get into "connected" state before EAPOL frames
are processed. In case of wired interfaces, there is no explicit
association process, to ap_scan=0 need to be used to disable this part.

> I believe the configuration should go something like this, but there
> doesn't really seem to be any change whatever I try:
> 
> network={
>         ssid="xyz"
>         key_mgmt=IEEE8021X
>         identity="foo"
>         password="bar"
>         phase1="peapver=1 peaplabel=1"
>         phase2="auth=MSCHAPV2"
>         eapol_flags=0
> }

For wired networks, you need to remove ssid parameter. In addition, you
could add eap=PEAP and unless you know you really need peaplabel=1, I
would recommend just removing that phase1 line which is forcing PEAP
parameters. The defaults are more likely to work unless you are using
Radiator as the RADIUS server.
 
-- 
Jouni Malinen                                            PGP id EFC895FA



More information about the HostAP mailing list