A question is asked about PEAP in hostap.

Jouni Malinen jkmaline
Fri Apr 4 21:14:51 PST 2003

On Tue, Apr 01, 2003 at 08:55:36PM +0900, ?$B$U$8 ?$B$5$s wrote:

> (1)What should be put into "acct_server_shared_secret" and
> "eap_message" of hostapd.conf?

You do not need to configure accounting server or eap_message for EAP
authentication, so you can just comment these out.

> (2)Are some understood, although the following doubtful
> LOG(s) will be outputted, if it is going to use PEAP?
> A part is shown below.
> IEEE 802.1X: Sending canned EAP packet FAILURE to
> 00:30:5b:00:3f:30 (identifier 0)

That's fine. EAPOL state machine is defined to send that packet on
initialization. However, since it seem to cause some problems with at
least WinXP Supplicant, I'm considering of removing it from the "normal"
state transition path.

> IEEE 802.1X: 84 bytes from 00:30:5b:00:3f:30
>    IEEE 802.1X: version=1 type=0 length=80
>    EAP: code=2 identifier=2 length=80 (response)
>    EAP Response-Unknown   <---???

I have not added EAP method number for PEAP, so it is shown as Unknown.
However, this should not be a problem since IEEE 802.1X Authenticator
(i.e., AP) does not need to know anything about the used EAP method.

> Since a setup of (1) is doubtful, can't PEAP be used?

I haven't tested PEAP myself, but it should work.

Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list