EAP-TLS for wired network using hostap as an authenticator

Harshil Anil Kumar Shah Harshil_Shah at infosys.com
Thu Dec 16 04:03:45 EST 2010


Hi Alan,

Currently I am working on a research project of EAP-TLS. I want to do EAP-TLS authentication for a wired client. So, I visited couple of forums and I came to know about hostapd which can work as an authenticator in case of EAP-TLS authentication process.  This is my testbed setup:


Freeradius       -------------wired------------------   Authenticator(hostapd) -------------wired-------------------- wpa_supplicant
(192.168.1.10)                                    (192.168.1.11)                 (192.168.0.12)                              (192.168.0.13)


In case of wireless client and if I use Dlink wirelesss router as an authenticator, authentication works successfully.
But in case of wired client scenario,  authenticator is able to receive the request but is not able to forward to radius server. Where am I missing something?

This is my hostapd.conf file:

interface = eth1
driver = wired
own_ip_addr = 192.168.1.11
# RADIUS authentication server
auth_server_addr =192.168.1.10
auth_server_port =1812
auth_server_shared_secret = whatever

# RADIUS accounting server
acct_server_addr =192.168.1.10
acct_server_port =1813
acct_server_shared_secret = whatever

Please help me to solve this.

Thanks and Regards,
Harshil A. Shah,



**************** CAUTION - Disclaimer *****************
This e-mail contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended solely 
for the use of the addressee(s). If you are not the intended recipient, please 
notify the sender by e-mail and delete the original message. Further, you are not 
to copy, disclose, or distribute this e-mail or its contents to any other person and 
any such actions are unlawful. This e-mail may contain viruses. Infosys has taken 
every reasonable precaution to minimize this risk, but is not liable for any damage 
you may sustain as a result of any virus in this e-mail. You should carry out your 
own virus checks before opening the e-mail or attachment. Infosys reserves the 
right to monitor and review the content of all messages sent to or from this e-mail 
address. Messages sent to or from this e-mail address may be stored on the 
Infosys e-mail system.
***INFOSYS******** End of Disclaimer ********INFOSYS***
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20101216/45192798/attachment.htm 


More information about the HostAP mailing list