wpa_supplicant in adhoc WPA-PSK mode

Ujjal Roy royujjal at gmail.com
Fri Nov 6 01:50:26 EST 2009


Hi All,

I have an IBSS(start) network(Ad-Hoc WPA-PSK) with the following 
configuration -

ssid="ADHOC_WPA_PSK"
key_mgmt=WPA-PSK
pairwise=TKIP
group=TKIP
passphrase="1234567890"


Now, my question is - *can wpa_supplicant join with the above IBSS network?*
The following configuration is for the wpa_supplicant -

##### Example wpa_supplicant configuration file 
###############################
update_config=1
ctrl_interface=/var/run/wpa_supplicant
eapol_version=2
ap_scan=1
fast_reauth=1

# Example blocks:
# Simple case: WPA-PSK, PSK as an ASCII passphrase, allow all valid ciphers
network={
    ssid="ADHOC_WPA_AP"
    mode=1
    proto=WPA
    key_mgmt=WPA-PSK
    pairwise=TKIP
    group=TKIP
    psk="1234567890"
    priority=1
}

Please reply with your comments as early as possible, because I have no 
other known application which can test this block of network.

Thanks,
Ujjal Roy
> On Fri, Oct 30, 2009 at 03:10:26AM +0530, Rajan Vijayaraghavan wrote:
>
>   
>> The config file for wpa_supplicant is like this:
>>     
>
>   
>> eap=FAST
>> pac_file="c:\dirofwpasupp\fast-mschapv2.pac"
>> phase1="fast_provisioning=1"
>> phase2="auth=mschapv2"
>>     
>
> That is supposed to be phase2="auth=MSCHAPV2"
>
>   
>> The pem files are stored both the in the server and the client. After the
>> HostAPD is started on the linux machine, wpa_supplicant is used to connect
>> the client to the network. I am getting an error message like
>>
>> "EAP-FAST: No Pac File 'c:\dirofwpasupp\fast-mschapv2.pac' - assume no PAC
>> entries have been provisioned.
>>     
>
> That is not an error message.
>
>   
>> CTRL-EVENT-EAP-METHOD EAP vendor 0 method 43 (FAST) selected.
>>     
>
> And neither is that one.
>
>   
>> CTRL-EVENT-EAP-FAILURE EAP authentication failed.
>>
>> Can somebody please let me know if the above configuration is correct?
>>     
>
> I noticed one error in the wpa_supplicant configuration. If fixing that
> does not resolve the problem, I would suggest taking a look at
> wpa_supplicant debug log (run it with -dd on command line).
>
>   
>> I captured the packets in the air between the Access Point and the Station:
>> The EAP FAST REQUEST packet from AP to STA has the EAP FAST start bit set.
>> The SSL Secure Sockets Layer shows as "Unrecognized SSL Layer" - SSL Data
>> Cannot be Recognized".
>>     
>
> The tool that you used to parse the message does not seem to be able to
> handle the EAP-FAST Start message correctly (it does not actually
> include any SSL data).
>
>   
>> Where does the PAC file get created? On the Linux machine that runs the
>> hostapd or the windows machine that runs the wpa_supplicant.
>> Would it be created automatically on the client?
>>     
>
> The PAC file itself is created on the client. The PAC key stored in this
> file is generated by the authentication server (hostapd in this case).
>
>   
>> Also how do I use Juniper Access Client to work in EAP FAST method. I
>> checked with Juniper document but to no avail. Any helpful pointer would be
>> great.
>>     
>
> That would be a question for Juniper, not this mailing list..
>
>   

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20091106/f9d3316f/attachment.htm 


More information about the HostAP mailing list