WPA && bridge_packets dont work
Wilfried Klaebe
wk-hostap
Tue Sep 7 08:09:02 PDT 2004
Am Mon, Sep 06, 2004 at 09:01:21PM -0700 schrieb Jouni Malinen:
> > Arp is broadcast. Something is wrong with broadcast, bridge packets and
> > wpa! Unicast works!
>
> Please give more details of your test setup, including configuration
> files and driver/firmware versions of each device.
I have a similar problem...
setup:
One Prism2.5 PCI card, ram-downloaded PRI 1.1.4, STA 1.8.3 and hostap-cvs
in Master mode, with RSN (config files attached), in the machine called
"the AP".
One Atheros 5001X+ (a/b/g) with latest madwifi driver and wpa_supplicant
in my laptop.
When I give the AP's eth0 it's IP, and wlan0 some private IP (10.40.0.1
in this case), there's no problem. My laptop can ping the AP from 10.40.0.2,
can ssh to it, can connect through it (via NAT) anywhere it wants, anything.
But when I set up bridging - br0 with slaves eth0 and wlan0, eth0 and wlan0
both up, br0 with the IP that eth0 had before, just as described several
times before, my laptop I cannot ping it anymore.
tcpdump -i wlan0 shows ARP requests coming in on wlan0, but they don't
appear on br0. If I ping the same IP from another box over the ethernet,
ARP requests come in on eth0, and show up some milliseconds later on
br0, are then answered, and everything works.
Also, there is never anything going out on wlan0. I see router
advertisements and other broadcast packets on br0, both from the ethernet
and from the box itself, which both don't ever go out on wlan0.
I have no clue where to look for the problem. It seems to me that RSN is
not alone the problem, since the packets come in on wlan0. If some
keying/authentication/authorization was the issue, they should not, if
I am correct; and if wlan0 is not bridged, everything works.
Here the promised config files:
hostapd.conf:
interface=wlan0
ssid=SSID
macaddr_acl=0
auth_algs=1
ieee8021x=1
eapol_key_index_workaround=0
own_ip_addr=127.0.0.1
auth_server_*=@values
wpa=2
wpa_key_mgmt=WPA-EAP
wpa_pairwise=CCMP
wpa_group_rekey=600
wpa_gmk_rekey=86400
wpa_supplicant.conf:
ctrl_interface=/var/run/wpa_supplicant
eapol_version=2
network={
ssid="SSID"
scan_ssid=0
proto=RSN
key_mgmt=WPA-EAP
pairwise=CCMP
group=CCMP
eap=TTLS
ca_cert="/etc/802.11i/SSID/root.pem"
identity="identity"
password="password"
phase2="auth=PAP"
anonymous_identity="anonymous"
}
Regards, Wilfried
--
Irgendwas ist ja immer...
More information about the Hostap
mailing list