EAP-FAST With Cisco ACS version 5.1 problem

Jouni Malinen j at w1.fi
Fri Dec 17 08:16:53 EST 2010


On Fri, Dec 10, 2010 at 04:27:52AM -0000, manik basha wrote:
> I have been using the wpa_supplicant 0.6.9 to establish EAP-FAST connection with Cisco ACS 5.1 server.
> 
> Since the PAC on the client is stale and in-band provisioning is enabled
>  on client and ACS 5.1 P0 provisioning happened successfully and 
> wpa_supplicant stored it to the file.
> 
> When the connection establishment is restarted wpa_supplicant loaded the
>  stored file but couldn't use the PAC because pac_type is missing in the
>  PAC loaded so (note that the A-ID in the EAP-FAST start message is matching) it fails to get a PAC from eap_fast_get_pac() function 
> resulting in P0 happening again.

Would you be able to provide a wpa_supplicant debug output showing this
behavior? I do not have Cisco ACS 5.1 server, so I cannot easily test
this myself.

-- 
Jouni Malinen                                            PGP id EFC895FA


More information about the HostAP mailing list