Can one STA with EAPOL errors make hostapd drop all clients?
Rafał Miłecki
zajec5 at gmail.com
Mon May 25 04:17:06 EDT 2015
On 25 May 2015 at 10:03, Krishna Chaitanya <chaitanya.mgit at gmail.com> wrote:
> On Mon, May 25, 2015 at 10:48 AM, Rafał Miłecki <zajec5 at gmail.com> wrote:
>> I'm experimenting with various drivers and during my tests I got a
>> faulty STA. It experiences some Michael failures which causes
>> wpa_supplicant sending EAPOL errors to AP.
>>
>> What bothers me is that hostapd drops all STAs after getting the
>> second "EAPOL-Key Error Request". Instead of just dealing with faulty
>> STA it breaks connectivity for all other users. Moreover they can't
>> re-connect for some reason until I disable faulty STA and wait few
>> minutes.
> This is expected as per spec, 2 Michael failures and AP should de-authenticate
> all STA's. For cross checking, you can try CCMP instead of TKIP?
Thanks for info, nice to know. Looks like a spec-approved easy to way
to sabotage an AP ;) You're right about encryption, this problem
occurs with TKIP only.
Any idea why my "good" STA can't reconnect after this action? I mean
these associated/disassociated/unauthorizing port logs in hostapd.
Unfortunately I didn't grab corresponding wpa_supplicant logs, but I
can try later if that helps.
--
Rafał
More information about the HostAP
mailing list