EAP-FAST With Cisco ACS version 5.1 problem

manik basha basha.manik at rediffmail.com
Thu Dec 9 23:27:52 EST 2010


 Hi All

I have been using the wpa_supplicant 0.6.9 to establish EAP-FAST connection with Cisco ACS 5.1 server.

Since the PAC on the client is stale and in-band provisioning is enabled
 on client and ACS 5.1 P0 provisioning happened successfully and 
wpa_supplicant stored it to the file.

When the connection establishment is restarted wpa_supplicant loaded the
 stored file but couldn't use the PAC because pac_type is missing in the
 PAC loaded so (note that the A-ID in the EAP-FAST start message is matching) it fails to get a PAC from eap_fast_get_pac() function 
resulting in P0 happening again.

This process goes on forever.



Did anyone face this problem and found a fix.

Note that above described scenario doesn't happen with ACS 4.1  since 
pac_type is present in pac_info everything just works fine.

thanks

MB 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20101210/a623234f/attachment.htm 


More information about the HostAP mailing list