help needed in pre-authentication

Harshil Anil Kumar Shah Harshil_Shah at infosys.com
Mon Jan 10 00:30:10 EST 2011


Ok. Thanks for your kind and early explanation. :)

But let me add to that,

I have,

Cisco 2960 G switch  			as Next AP.
D'Link DIR 600 Wireless Router	as Current AP.

So Is there any configuration pertained to pre-authentication to be done on Next AP. If it is, then how to do that?
Note that, I am not using "hostapd" as an AP. I am using APs mentioned above.	

-Thanks,
Harshil.


-----Original Message-----
From: Jouni Malinen [mailto:j at w1.fi] 
Sent: Friday, January 07, 2011 4:13 PM
To: Harshil Anil Kumar Shah
Subject: Re: help needed in pre-authentication

On Fri, Jan 07, 2011 at 02:54:52PM +0530, Harshil Anil Kumar Shah wrote:
> I believe I do not have to use hostapd for that. Actually, how RSN pre-authentication differs from 802.1x pre-authentication?.

I do not know what you are referring to with "802.1x
pre-authentication".

> Would there be any configuration parameters on current AP for AAA server or we just need to enable pre-authentication on it and it will forward EAP-packet to next AP, which in turn relays the same to AAA server?

Enabling pre-authentication should be enough; the pre-authentication
packets from the supplicant are use their own ethertype and are sent to
the BSSID of the target AP, so as long as bridging is set up correctly
between the APs, that should work transparently at the current AP.

-- 
Jouni Malinen                                            PGP id EFC895FA

**************** CAUTION - Disclaimer *****************
This e-mail contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended solely 
for the use of the addressee(s). If you are not the intended recipient, please 
notify the sender by e-mail and delete the original message. Further, you are not 
to copy, disclose, or distribute this e-mail or its contents to any other person and 
any such actions are unlawful. This e-mail may contain viruses. Infosys has taken 
every reasonable precaution to minimize this risk, but is not liable for any damage 
you may sustain as a result of any virus in this e-mail. You should carry out your 
own virus checks before opening the e-mail or attachment. Infosys reserves the 
right to monitor and review the content of all messages sent to or from this e-mail 
address. Messages sent to or from this e-mail address may be stored on the 
Infosys e-mail system.
***INFOSYS******** End of Disclaimer ********INFOSYS***


More information about the HostAP mailing list