hostapd on FreeBSD + EAP-TLS + WindowsXP/SP2 -- problems.
Lev A. Serebryakov
lev at serebryakov.spb.ru
Thu May 11 08:04:30 EDT 2006
I'm trying to build AP on FreeBSD 6 box with hostapd go WinXP/SP2
clients. My driver is `bsd', version of hostapd - 0.4.8, network card is
Atherso 5212-based (D-Link DWL-G520, rev. B3).
First of all, I've tried to setup WPA-PSK. It works fine with
But EAP-TLS doesn't work at all. I've generated certificates as
described in "HOWTO: WAP/TLS Setup fot FreeRADIUS and Windws XP
Supplicant", I didn't forgot about special EKU in these certificates.
I've installed CA certificate and client certificate to WindowsXP. I
want to use computer authentication, not user one, so my `commonName' is
equal to FQDN of client computer. I even add altSubjName to
certificates, as described in MS' documentation ("Enterprise Deployment
of IEEE 802.11 Using Windows XP and Windows 2000 Internet Authentication
Config for hostapd is:
But after all these settings, `hostapd -dd' doesn't show any packets
And WindowsXP/SP2 shows "Wait for network..." progress bar for about
3 minutes and fails to connect!
I'm repeating: hostapd doesn't see even `Association' event, so it is
not problem with RADIUS (FreeRADIUS in my case) or with certificate
May be, here is any way to enable debug output (log file?) on Windows
XP? Or maybe, it is well-known problem?
// Lev Serebryakov
More information about the HostAP