AW: AW: AW: WPA2-PSK and WPA-EAP together?

Jouni Malinen j at w1.fi
Tue Sep 9 16:45:46 EDT 2014


On Tue, Sep 09, 2014 at 05:29:26PM +0000, Conrad Kostecki wrote:
> Okay. I've added at the bottom of hostapd.conf:
> 
> bss=wlp7s1
> bssid=02:xx:xx:xx:xx:xx
> ssid=HostAPd Wifi
> wpa_key_mgmt=WPA-EAP WPA-EAP-SHA256
> 
> That seems to work. I've now two interfaces and both SSIDs are visible. But there is one problem. The "HostAPd Wifi" SSID is completely open. There is no active security?
> 
> Acording to the hostapd.conf, it should take all my default settings? I don't want to double all my settings.
> 
> # Please note that hostapd uses some of the values configured for the first BSS
> # as the defaults for the following BSSes. However, it is recommended that all
> # BSSes include explicit configuration of all relevant configuration items.

The radio parameters are shared, but the security ones are not. In other
words, you'll need to have IEEE 802.1X enabled and RADIUS authentication
server (or local EAP server) configuration after that bss= line. Same
for wpa=2 and rsn_pairwise etc. (i.e., these will need to be duplicated
for each BSS that uses WPA2).

-- 
Jouni Malinen                                            PGP id EFC895FA


More information about the HostAP mailing list