<span style="border-collapse:collapse"><div>Hi,</div><div><br></div><div>I am trying to get wpa_supplicant going with this setup:<br></div><div><br></div><div>Linux Laptop (Thinkpad with iwl4965agn) -> Aruba AP -> Aruba Wireless Controller -> Cisco ACS RADIUS server (terminates EAP)<br>
</div><div><br></div><div>It's PEAPv1 as the passwords need to be in clear text, not MSCHAP. I have this setup successfully working with Windows and Mac, so just trying to get the wpa_supplicant config right. The best I can get is partial success, but it's not clear why it's failing. I think I *may* be hitting this problem fixed in v0.6.6:</div>
<div><br></div><div><pre style="white-space:pre-wrap;word-wrap:break-word">2008-11-23 - v0.6.6
        * fixed canceling of PMKSA caching when using drivers that generate
         RSN IE and refuse to drop PMKIDs that wpa_supplicant does not know
         about
<br>i.e. "RSN: no matching PMKID found" error<br></pre><pre style="white-space:pre-wrap;word-wrap:break-word"><span style="font-family:arial;font-size:13px;white-space:normal">But my distro is still on 0.6.4. Can anyone confirm this is the problem I am hitting? Also is my config correct for this setup?<br>
</span></pre><pre style="white-space:pre-wrap;word-wrap:break-word"><span class="Apple-style-span" style="font-family: arial; font-size: 13px; white-space: normal; ">Ben</span><br></pre><pre style="white-space:pre-wrap;word-wrap:break-word">
<span style="font-family:arial;font-size:13px;white-space:normal"><br></span></pre><pre style="white-space:pre-wrap;word-wrap:break-word"><span style="font-family:arial;font-size:13px;white-space:normal">---------------------------------------------------------------------------------------------------<br>
<br># config <br><br>network={<br> priority=4<br> disabled=0<br> ssid="WLAN-Secure"<br> scan_ssid=1<br> proto=WPA2<br> key_mgmt=WPA-EAP<br> ca_cert="/etc/ssl/certs/Thawte_Premium_Server_CA.pem"<br>
pairwise=CCMP<br> group=CCMP<br> eap=PEAP<br> identity="u4399999"<br> password="password"<br> # guessing about the following..<br> phase1="peap_outer_success=0 peaplabel=1"<br>
phase2="auth=GTC"<br>}<br><br></span><span style="font-family:arial;font-size:13px;white-space:normal">---------------------------------------------------------------------------------------------------<br>
<br># wpa_cli status - cycles between the following several times<br><br>wintermute ~ # wpa_cli status<br>Selected interface 'wlan0'<br>bssid=00:1a:1e:11:e5:42<br>ssid=WLAN-Secure<br>id=0<br>pairwise_cipher=CCMP<br>
group_cipher=CCMP<br>key_mgmt=WPA2/IEEE 802.1X/EAP<br>wpa_state=4WAY_HANDSHAKE<br>Supplicant PAE state=CONNECTING <br>suppPortStatus=Unauthorized<br>EAP state=IDLE<br><br>wintermute ~ # wpa_cli status<br>Selected interface 'wlan0'<br>
bssid=00:1a:1e:97:02:71<br>ssid=WLAN-Secure<br>id=0<br>pairwise_cipher=CCMP<br>group_cipher=CCMP<br>key_mgmt=WPA2/IEEE 802.1X/EAP<br>wpa_state=4WAY_HANDSHAKE<br>Supplicant PAE state=AUTHENTICATING<br>suppPortStatus=Unauthorized<br>
EAP state=IDLE<br>selectedMethod=25 (EAP-PEAP)<br>EAP TLS cipher=<br>EAP-PEAPv1 Phase2 method=GTC<br><br></span># Before the controller bars the client for number of attempts and settles on:<br><br>Selected interface 'wlan0'<br>
wpa_state=DISCONNECTED<br>Supplicant PAE state=DISCONNECTED<br>suppPortStatus=Unauthorized<br>EAP state=DISABLED<br>selectedMethod=25 (EAP-PEAP)<br>EAP TLS cipher=<br>EAP-PEAPv1 Phase2 method=GTC<br><br><span style="font-family:arial;font-size:13px;white-space:normal">---------------------------------------------------------------------------------------------------<br>
<br># connection logs<br><br>I had to remove these logs as my post got lost in moderator-land for being to big, will update in next post if my config is correct.</span></pre><pre style="white-space:pre-wrap;word-wrap:break-word">
<span class="Apple-style-span" style="font-family: arial; font-size: 13px; white-space: normal;"><br></span></pre><pre style="white-space:pre-wrap;word-wrap:break-word"><span class="Apple-style-span" style="font-family: arial; font-size: 13px; white-space: normal;">B</span></pre>
<pre style="white-space:pre-wrap;word-wrap:break-word"><span class="Apple-style-span" style="font-family: arial; font-size: 13px; white-space: normal;"><br></span></pre><pre style="white-space:pre-wrap;word-wrap:break-word">
<span class="Apple-style-span" style="font-family: arial; font-size: 13px; white-space: normal;"><br></span></pre></div></span>