ap_isolate=1 and WPA-Enterprise(EAP-PEAP) is it possible ?

Marek Grzybowski marek.grzybowski at rtbhouse.com
Mon May 25 08:47:52 EDT 2015


Hi
  We have packetfence and openwrt+hostapd deployed in our network.
Clients are authenticating via radius (EAP-PEAP), and hostapd bridge them to selected vlans.
It working very nice .

Recently we tried to enable ap_isolate=1, but it seems that ap_isolate=1 working perfectly in WPA-PSK configuration,
but is totally ignored in WPA-Enterprise setup .

Is it possible to enable ap_isolate on WPA-Enterprise AP mode ?

Thank you in advance for any replies.


### Details ###

# opkg info hostapd
Package: hostapd
Version: 2014-06-03.1-1
Depends: libc, libnl-tiny, libubus
Status: install user installed
Architecture: ar71xx
Installed-Time: 1420629173


# our hostapd example config in WPA-Enterprise setup, where we try to add "ap_isolate=1" :

driver=nl80211
logger_syslog=127
logger_syslog_level=2
logger_stdout=127
logger_stdout_level=2
hw_mode=a
channel=48

ieee80211n=1
ht_capab=[LDPC][SHORT-GI-20][SHORT-GI-40][TX-STBC][RX-STBC1][DSSS_CCK-40]

interface=wlan1
ctrl_interface=/var/run/hostapd
disassoc_low_ack=1
preamble=1
wmm_enabled=1
ignore_broadcast_ssid=0
auth_server_addr=192.168.32.100
auth_server_port=1812
auth_server_shared_secret=xxx
acct_server_addr=192.168.32.100
acct_server_port=1813
acct_server_shared_secret=xxx
nas_identifier=
eapol_key_index_workaround=1
ieee8021x=1
wpa_key_mgmt=WPA-EAP
dynamic_vlan=2
vlan_naming=1
vlan_tagged_interface=eth0
auth_algs=1
wpa=2
wpa_pairwise=CCMP
ssid=RTBHouse-SECURE-5
bridge=br-lan
okc=0
disable_pmksa_caching=1
bssid=10:fe:ed:e6:33:96


-- 
Kind Regards
    Marek Grzybowski

tel +48 691 490 229 , PGP:0xF7BF935A , JID:marek at grzybowski.waw.pl


More information about the HostAP mailing list