TLS failing with Linksys WPC54G and WRK54G

Stephen Mathezer mathezer
Wed Nov 10 12:27:01 PST 2004 

I hope somebody can offer me some insight into this. I cannot for the 
life of me get my Linksys WPC54GV4 to connect with WPA (EAP-TLS) to the 
WRK54G.

I am using ndiswrapper 0.11, 2.6.7 kernel, wpa_supplicant 2.5.

This works fine under XP, so I know that Radius is working properly etc.
If I turn off all encryption then things work fine under Linux.  WPA 
with pre-shared keys also works fine under Linux, but with WPA/EAP-TLS, 
the AP never even tries to contact the radius server.
I also tried configuring other methods like PEAP etc just to see if the 
radius server would see any requests, but nothing every happened.

I tried the xsupplicant integration too, but that didn't produce any 
results either.

What am I missing?  Config snippet and -dd output are below.

-Steve

network={
        ssid="gear"
        key_mgmt=WPA-EAP
        pairwise=TKIP
        group=TKIP
        eap=TLS
        identity="Cgy04662-Linux-WPA1"
        ca_cert="/etc/ssl/cacert.pem"
        client_cert="/etc/ssl/wpa1-cert.pem"
        private_key="/etc/ssl/wpa1-req.pem"
        private_key_passwd="xxxxxx"
        priority=100
}

# wpa_supplicant  -Dndiswrapper -w  -dd -iwlan0
Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf'
Reading configuration file '/etc/wpa_supplicant.conf'
ctrl_interface='/var/run/wpa_supplicant'
ctrl_interface_group=0
eapol_version=1
ap_scan=1
Line: 218 - start of a new network block
SSID - hexdump_ascii(len=4):
     67 65 61 72                                       gear           
key_mgmt: 0x1
pairwise: 0x8
group: 0x8
eap methods - hexdump(len=2): 0d 00
identity - hexdump_ascii(len=19):
     43 67 79 30 34 36 36 32 2d 4c 69 6e 75 78 2d 57   Cgy04662-Linux-W
     50 41 31                                          PA1            
ca_cert=/etc/ssl/cacert.pem
client_cert=/etc/ssl/wpa1-cert.pem
private_key=/etc/ssl/wpa1-req.pem
private_key_passwd=xxxxxxx
priority=100
Priority group 100
   id=0 ssid='gear'
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
Setting scan request: 0 sec 100000 usec
l2_packet_receive - recv: Network is down
Starting AP scan (broadcast SSID)
EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0
EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0
EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0
Scan timeout - try to get results
Received 673 bytes of scan results (3 BSSes)
Scan results: 3
Selecting BSS from priority group 100
0: 00:0f:66:bb:05:d8 ssid='gear' wpa_ie_len=24 rsn_ie_len=0
   selected
Trying to associate with 00:0f:66:bb:05:d8 (SSID='gear' freq=2417 MHz)
Cancelling scan request
WPA: using IEEE 802.11i/D3.0
WPA: Own WPA IE - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 02 
01 00 00 50 f2 02 01 00 00 50 f2 01
Setting authentication timeout: 5 sec 0 usec
EAPOL: External notification - portControl=Auto
EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0
EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0
EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0
EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0
EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0
Authentication with 00:00:00:00:00:00 timed out.
Setting scan request: 0 sec 0 usec
Starting AP scan (broadcast SSID)
EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0
EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0
EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0
Scan timeout - try to get results
Received 925 bytes of scan results (4 BSSes)
Scan results: 4
Selecting BSS from priority group 100
0: 00:0f:66:bb:05:d8 ssid='gear' wpa_ie_len=24 rsn_ie_len=0
   selected
Trying to associate with 00:0f:66:bb:05:d8 (SSID='gear' freq=2417 MHz)
Cancelling scan request
WPA: using IEEE 802.11i/D3.0
WPA: Own WPA IE - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 02 
01 00 00 50 f2 02 01 00 00 50 f2 01
Setting authentication timeout: 5 sec 0 usec
EAPOL: External notification - portControl=Auto
EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0
EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0
EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0
Signal 2 received - terminating
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=
......
this repeats forever.

More information about the Hostap mailing list