EAP_FAST support with cisco ACS server
Jouni Malinen
j at w1.fi
Tue Jan 13 06:23:42 EST 2009
On Tue, Jan 13, 2009 at 02:58:53PM +0530, Kiran Divekar wrote:
> I want to use using wpa_supplicant 0.5.10 with cisco ACS server. I
> have recompiled it with openssl having tls-extensions patch. I have
> the .pac file from the server which is in binary format. I am having
> trouble getting the wpa_supplicant to use the .pac file.
The PAC file format used by Cisco is not supported in wpa_supplicant
since there does not seem to be any public documentation describing the
used format.
> Can you please let me know, if I can use the pac file in binary
> format? If supplicant version 0.5.10 supports pac file in text format
> only, how can convert the binary file to text file? Also, if I use
> wpa_suppicant ver. 0.6.1 which support phase1 =
> "fast_pac_format=binary" option, it fails to recognize the .pac file.?
> How can I check the integrity of the pac file for wpa_supplicant ?
You would need to convert the PAC file to format supported by
wpa_supplicant for this off-line provisioning to work.. Which is going
to be a bit complex operation unless you have access to specification of
the Cisco format. However, if you are fine using in-band provisioning of
the PAC, that should work fine with Cisco ACS.
--
Jouni Malinen PGP id EFC895FA
More information about the HostAP
mailing list