wpa_supplicant troubles with connection following authentication (cannot get IP)

Joe Love joe at getsomewhere.net
Fri Oct 14 23:01:38 EDT 2005


I'm trying to get my laptop running FreeBSD6 to fully connect and use 
the wireless network on my university's campus.  They are using TTLS+PAP 
for the key handling and authentication, and DHCP for ip address assignment.

The problem I'm experiencing is that under FreeBSD, I cannot get an IP 
address from the dhcp server after connecting & authentication using 
wpa_supplicant.  This problem may not be wpa_supplicant-specific, as I 
tried using the exact same configuration on WindowsXP using the exact 
same hardware, and was able to connect and get an IP address just fine.  
I'm hoping someone might be able to shed some light on the subject, as 
myself and everyone else I've asked is stumped by the problem.

The one comparison between the two connections that has confused me the 
most is the output from ethereal.  On both freebsd & windows, I see the 
same EAP, TLS & EAPOL protocol packets, but once the EAP succeeds, and 
keys are exchanged, the output under windows looks like normal traffic, 
including one Ethernet II packet, followed by a DHCP request, 
acknowledgement, and arp traffic (and some other stuff).  Under FreeBSD, 
however, I see the keys exchanged, and then a bunch of packets of 
protocol type "LLC", and the only packets that aren't LLC are ones that 
come from my machine.  I see no typical IP traffic from any other hosts.

I can provide any useful information, including packet dumps, but at 
this point, I'm really not quite sure what direction to go.

Thanks
-Joe

Since it's common that people like to see these first that there's 
nothing wrong, here's the same configuration i used on both windows & 
freebsd.  To make it clear, the configuration below works fine on 
WindowsXP, and I can proceed to get an IP address after connecting.  It 
authenticates fine on FreeBSD6, but dhclient cannot get an IP address 
after authentication.

Configuration:
ctrl_interface=/var/run/wpa_supplicant
eapol_version=2
ap_scan=1
#ap_scan=2 # suggested.
network={
    ssid="UIC-Wireless"
    scan_ssid=1
    mode=0
    key_mgmt=IEEE8021X
    eap=TTLS
    identity="jlove1"
    password="*CENSORED*"
    anonymous_identity="anonymous"
    ca_cert="thawte.pem"
    #phase1="include_tls_length=1"
    phase2="auth=PAP"
}





More information about the HostAP mailing list