wpa_supplicant on Linksys Router Wrt54G for wired eap-md5

Sebastian Röder sebastian.roeder at uni-bielefeld.de
Sun Nov 27 17:39:15 EST 2005


I have successfuly installed openwrt on my Linksys WLAN-Router Wrt54G Version 
2.2. The router has a WAN Port (Internet), a 4-port switch (LAN) and wifi:

~# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:13:10:27:DE:F3
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1041 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:618354 (603.8 KiB)
          Interrupt:5 Base address:0x2000

eth1      Link encap:Ethernet  HWaddr 00:13:10:27:DE:F5
          inet addr:192.168.178.11  Bcast:192.168.178.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2338 errors:0 dropped:0 overruns:0 frame:207969
          TX packets:2224 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:202761 (198.0 KiB)  TX bytes:337505 (329.5 KiB)
          Interrupt:4 Base address:0x1000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

vlan0     Link encap:Ethernet  HWaddr 00:13:10:27:DE:F3
          inet addr:192.168.177.21  Bcast:192.168.177.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:1782 (1.7 KiB)

vlan1     Link encap:Ethernet  HWaddr 00:13:10:27:DE:F3
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1038 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:616572 (602.1 KiB)

The interface layout is a little bit complicated - the is a good graphic on 
http://voidmain.is-a-geek.net/i/WRT54_sw1_internal_architecture.png

In short, eth0 is the switch itself - a Broadcom BCM5325. eth1 is the WLAN 
interface, vlan0 provides the 4 LAN ports (virtual interfaces, via tagging) 
and vlan1 provides the WAN port.

I have installed wpa_supplicant-0.4.7 on the router and use the following 
config to do eap-md5 authentification over the (wired) WAN port:

~# less /etc/wpa_supplicant.conf
ctrl_interface=/var/run/wpa_supplicant
#ctrl_interface_group=wheel
ap_scan=0
network={
        key_mgmt=IEEE8021X
        eap=MD5
        identity="my_user"
        password="my_passwd"
        eapol_flags=0
}

This config works perfect on my desktop maschine.

However wpa_supplicant -i vlan1 -D wired -c /etc/wpa-supplicant.conf -dd gives 
me the following:

Initializing interface 'vlan1' conf '/etc/wpa_supplicant.conf' driver 'wired' 
ctrl_interface 'N/A'
Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf'
Reading configuration file '/etc/wpa_supplicant.conf'
ctrl_interface='/var/run/wpa_supplicant'
ap_scan=0
Line: 4 - start of a new network block
key_mgmt: 0x8
eap methods - hexdump(len=2): 04 00
identity - hexdump_ascii(len=7):
     73 72 6f 65 64 65 72                              sroeder
password - hexdump_ascii(len=8): [REMOVED]
eapol_flags=0 (0x0)
Priority group 0
   id=0 ssid=''
Initializing interface (2) 'vlan1'
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
wpa_driver_wired_init: Added multicast membership with packet socket
Own MAC address: 00:13:10:27:de:f3
Setting scan request: 0 sec 100000 usec
Added interface vlan1
EAPOL: External notification - portControl=Auto
Already associated with a configured network - generating associated event
Association info event
State: DISCONNECTED -> ASSOCIATED
Associated to a new BSS: BSSID=01:80:c2:00:00:03
No keys have been configured - skip key clearing
Network configuration found for the current AP
WPA: clearing AP WPA IE
WPA: clearing AP RSN IE
WPA: clearing own WPA/RSN IE
EAPOL: External notification - portControl=Auto
Associated with 01:80:c2:00:00:03
WPA: Association event - clear replay counter
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
EAPOL: External notification - portEnabled=1
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: SUPP_BE entering state IDLE
EAP: EAP entering state INITIALIZE
EAP: EAP entering state IDLE
EAPOL: startWhen --> 0
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: txStart
TX EAPOL - hexdump(len=4): 01 01 00 00
EAPOL: startWhen --> 0
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: txStart
TX EAPOL - hexdump(len=4): 01 01 00 00
EAPOL: idleWhile --> 0
EAP: EAP entering state FAILURE
CTRL-EVENT-EAP-FAILURE EAP authentication failed
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state FAIL
EAPOL: SUPP_PAE entering state HELD
EAPOL: SUPP_BE entering state IDLE
EAPOL: startWhen --> 0

tcpdump shows that there is NOTHING going on on vlan1 - one would think the 
cable is not plugged or something. But it is of cause and the cable is OK (I 
use it on my desktop box without problems).

Does this config need some extra care, doesn't wpa_supplicant handle the vlan 
interfaces right or what else might be the problem here? I guess my problem 
is related to this very "special" hardware. Now I hope some networking gurus 
can give me some pointers in which direction I should hunt the problem down.

Thanks in advance.

One difference that sticks in my mind is that the desktop uses kernel 2.6 
while the router is on 2.4.30.



More information about the HostAP mailing list