testing EAP-FAST

Tilman Baumann tilman.baumann at grandeye.com
Thu May 30 06:24:29 EDT 2013 

On 13/05/13 20:01, Jouni Malinen wrote:
> On Mon, May 13, 2013 at 04:45:31PM +0100, Tilman Baumann wrote:

>> PS: I would like to test LEAP-FAST as well. Is freeradius with the
>> hostap eap lib the best way to go?
>> I did not really want to re-compile it, but I would if that's the way to
>> go. (using debian package right now)
> 
> Assuming you are talking about EAP-FAST here, it would likely be easier
> to use hostapd as the RADIUS authentication server than trying to make
> FreeRADIUS use this through the eap2 module.


Sorry to pick your brain again. I'm getting stuck here - again. I should
really know more basics before I start working on things like that. *g*

So basically I like to try if EAP-FAST works with wpa_supplicant.

I'm trying to figure out which config options I will need to ask from
the user to cover all non certificate based authentication methods on
wired ethernet.
See my simple wpa_supplicant.conf below.

I was hoping that I will only have to ask for user, password and
optionally the EAP method.

Perhaps you guys can give me some hint here towards the complexity required?
I'm basically implementing IEEE801.1x for some linux based embedded
device. Configuration will be web based and should be as simple as possible.


Right now I can't even get my supplicant to authenticate.

I suppose the switch just passes EAP through and does not need any
specific features? Other EAP methods had worked with it. (MD5, MSCHAP
and PEAP)


My EAP-FAST testbed is cobbled together from config examples. I'm not
even sure it works.
I'm using the hostap server.

Here my settings.

http://pastebin.com/Uk5JAYUZ wpa_supplicant.conf


http://pastebin.com/Q4j95Rqk hostapd.radius_clients

http://pastebin.com/2WZU8abM hostapd.eap_user

http://pastebin.com/FcCutU45 hostapd.conf


Happy for any hints.

PS: I suspect there is something obviously wrong with my setup. But if
you like I can attach debug output of server and client.


-- 
Tilman Baumann
Oncam Grandeye
6 Huxley Road, Surrey Research Park
Guildford, GU2 7RE, United Kingdom

More information about the HostAP mailing list