Deauthentication while connecting to RADIUS

Dennis Borgmann dennis.borgmann at
Fri Nov 16 01:51:14 EST 2007

Dear list-members,

I got a new AP, that uses 2 Atheros-WLAN-devices and runs Linux with the 
madwifi-driver in use. In addition, the hostapd is in use.
My laptop is connected via ethernet to this AP and is running the
FreeRADIUS server. I have a client running an Atheros-card on Linux as
well, so there I do also have madwifi in addition to wpa_supplicant.

Schematically, this is my setup:

|------------|      |------------|          |----------------|
|Laptop      |  (1) |Accesspoint |    (2)   | Desktop-PC     |
| |------| |--))  ((--|     |
| FreeRADIUS |      |hostapd     |          | wpa_supplicant |
|------------|      |------------|          |----------------|

Now, I am sniffing with wireshark on the Laptop and "in the air",
meaning in between the AP and the Desktop-PC. What I now get is the
information, that my request to the radius-server succeeds
(Access-accept sent out from the Laptop, seen in the sniff on connection
(1) and EAP-Success including ACK sniffed on connection (2)). But
direcly after the "EAP-Success"-frame is sent out by the AP to the
Desktop-PC, the AP sends out a Deauthentication-frame to the Desktop-PC
saying the previos authentication would no longer be valid (0x0002).
There is no frame in between the ACK sent by the Desktop-PC and the DEAUTH
sent by the AP, the time elapsed in between those two frames is
roundabout 1 ms.

I do not see the point, why the AP rejects the authentication after a
succeeded EAP-authentication.

The output of

hostapd -ddd /etc/hostapd/hostapd1.conf

gives these three lines (among thousands of others):

WPA: 00:14:85:da:c6:f1 WPA_PTK entering state INITPMK
WPA: Could not get PMK
WPA: 00:14:85:da:c6:f1 WPA_PTK entering state DISCONNECT

So far with my problem. Does anyone see the point that I did wrong? Just
for completeness, I posted my config-files at the following link (it's just a text file 66kB of size):

Kind regards and thanks for every hint in advance,


More information about the HostAP mailing list