802.1x auth with wpa_supp?
Jouni Malinen
jkmaline
Mon Sep 6 19:53:00 PDT 2004
On Tue, Sep 07, 2004 at 01:41:36PM +1200, Morgan Read wrote:
> >Failed to enable WPA in the driver.
> >
> I updated the station firmware to 1.7.4 in ram and got the second output
> (second) below. Also, in the second instance the AP seemed to
> "disappear" and the MAC changed to all 4s while wpa_supplicant was
> running (it didn't exit itself) and when I exited wpa_supplicant (with
> ctrl-C) the AP came back with a real MAC.
>
> But, this is all a bit strange because I shouldn't be doing anything
> with wpa if I'm using 802.1x?? So, I think something must be
> fundamentaly amiss?
The current version of the Host AP driver interface in wpa_supplicant
always enables WPA support and consequently, requires new station
firmware. You might be able to use IEEE 802.1X with driver_wext.c (add
CONFIG_DRIVER_WEXT=y to .config, use ap_scan=0 in wpa_supplicant.conf,
and -Dwext on command line).
> Already associated with a configured network - generating associated event
> Association event - clear replay counter
> Associated to a new BSS: BSSID=44:44:44:44:44:44
> ap_scan=0
I would recommend starting with ap_scan=1 when using Host AP driver.
Your debug log showed that wpa_supplicant was not receiving any EAPOL
packets from the AP and then timing out. ap_scan=1 has received much
more testing..
> eap=PEAP MSCHAPV2
If you are using EAP-PEAP with EAP-MSCHAPv2 as the inner (tunneled,
phase 2) authentication, you only need to have PEAP on this line. Phase
2 method is configured below with:
> phase2="auth=MSCHAPV2"
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list