EAP-FAST authentication on a university campus
Jouni Malinen
j at w1.fi
Fri Apr 15 11:09:03 EDT 2011
On Fri, Apr 15, 2011 at 02:11:06PM +0200, Stephen Bosch wrote:
> my university recently switched to EAP-FAST authentication. Support
> for Linux users is non-existent.
> The institution provides the following configuration information and
> instructions to users:
>
> WPA2 Enterprise authentication
> Encryption: AES (I assume that this is CCMP)
> Network authentication: PEAP
That PEAP is in conflict with the switch to EAP-FAST.. Anyway, the logs
you showed did not get as far as even starting EAP, so this would not
have changed them.
> When I configure wicd to use EAP-FAST, it generates this configuration file:
>
> > ap_scan=1
> > ctrl_interface=/var/run/wpa_supplicant
> > network={
> > ssid="HAB"
> > scan_ssid=1
> > proto=RSN WPA
> > pairwise=CCMP TKIP
> > group=CCMP TKIP
> > key-mgmt=WPA-EAP
That "key-mgmt" should be "key_mgmt".
> > ap_scan=1
> > ctrl_interface=/var/run/wpa_supplicant
> > network={
> > ssid="HAB"
> > scan_ssid=1
> > proto=RSN
> > key_mgmt=WPA-EAP
> > pairwise=CCMP
> > group=CCMP
> > eap=PEAP
> > identity="<windows_userid>"
> > password="<windows_password>"
> > phase1="fast_provisioning=1"
> > phase2="auth=MSCHAPV2"
This looks fine in general.
> It actually attempts a connection then, but still fails:
> > 0: 00:26:3e:07:21:00 ssid='HAB' wpa_ie_len=0 rsn_ie_len=20 caps=0x11
> > selected based on RSN IE
> > selected WPA AP 00:26:3e:07:21:00 ssid='HAB'
> > Trying to associate with 00:26:3e:07:21:00 (SSID='HAB' freq=2462 MHz)
wpa_supplicant asks the driver to associate with the AP, but the driver
does not seem to be able to do that. Which driver are you using?
--
Jouni Malinen PGP id EFC895FA
More information about the HostAP
mailing list