hostapd runs, but no control of network

Tim Boneko tim
Mon Aug 22 07:17:04 PDT 2005 

I wonder whether i?ve got a problem  of configuration or  understanding...

I compiled hostapd v. 0.4.4 with all necessary options (and a few more,
most of all use of prism54 card and internal radius server).
I started it. Output looked fine, including the line "Deauthenticating
all stations". (No error messages in the output btw.)

Still all clients have a working connnection, hostapd doesn?t keep
anybody from connnecting. So i changed the config from internal radius
to a freeradius server i just installed. I configured the  clients.conf
file and seem to have hostapd running with my freeradius server, but
still anybody can connect without password.

Logs of freeradius look good to a freeradius newbie like me:

/var/log/freeradius/radius.log:

Mon Aug 22 15:36:29 2005 : Info: Ready to process requests.
Mon Aug 22 15:36:36 2005 : Info: rlm_radutmp: NAS localhost restarted
(Accounting-On packet seen)

/var/log/freeradius/radacct/detail-20050822:
Mon Aug 22 15:36:36 2005
        Acct-Status-Type = Accounting-On
        Acct-Authentic = RADIUS
        NAS-IP-Address = 127.0.0.1
        Called-Station-Id = "00-04-E2-80-EE-03:thalheim"
        Acct-Terminate-Cause = NAS-Reboot
        Client-IP-Address = 127.0.0.1
        Acct-Unique-Session-Id = "60762dd8d4469af9"
        Timestamp = 1124717796

...thalheim is my domain, before that is the prism54 MAC address...



Can anybody shed some light on me? What am i missing? Does the internal
hostapd radius server really authenticate anyone with any passwd? Or
could i uninstall freeradius again? Would be nice since this becomes a
bit oversized with freeradius.
Below is my hostapd.conf, just in case anybody finds the BIG MISTAKE (tm)

Thx,

	timbo

/etc/hostapd/hostapd.conf: (version using freeradius, tried lots of
variations without freeradius)

interface=eth1

driver=prism54

logger_syslog=8
logger_syslog_level=1
logger_stdout=-8
logger_stdout_level=1

debug=2

dump_file=/tmp/hostapd.dump

#ctrl_interface=/var/run/hostapd
#ctrl_interface_group=wheel
#ctrl_interface_group=0

ssid=thalheim
macaddr_acl=0
accept_mac_file=/etc/hostapd/hostapd.accept
deny_mac_file=/etc/hostapd/hostapd.deny

auth_algs=3

#assoc_ap_addr=00:12:34:56:78:9a
ieee8021x=1

eap_message=hello\0networkid=netw,nasid=foo,portid=0,NAIRealms=thalheim

#wep_key_len_broadcast=5
#wep_key_len_unicast=5
#wep_rekey_period=300
eapol_key_index_workaround=0
#eap_reauth_period=3600

eap_server=0
#eap_user_file=/etc/hostapd/hostapd.eap_user
#ca_cert=/etc/ssl/certs/cacert.pem
#server_cert=/etc/ssl/certs/kiste-cert.pem
#private_key=/etc/ssl/private/kiste-key.pem
#private_key_passwd=
#check_crl=0
#eap_sim_db=/etc/hostapd/hostapd.sim_db

#iapp_interface=eth0

own_ip_addr=127.0.0.1
#nas_identifier=ap.example.com
auth_server_addr=127.0.0.1
auth_server_port=1812
auth_server_shared_secret=password
acct_server_addr=127.0.0.1
acct_server_port=1813
acct_server_shared_secret=passwd

#radius_acct_interim_interval=600

#radius_server_clients=/etc/hostapd/hostapd.radius_clients
#radius_server_auth_port=1812
#radius_server_ipv6=1

wpa=0
wpa_passphrase=weirdpassphrase
#wpa_psk_file=/etc/hostapd.wpa_psk
wpa_key_mgmt=WPA-PSK WPA-EAP
wpa_pairwise=TKIP CCMP
#wpa_group_rekey=600
#wpa_strict_rekey=1
#wpa_gmk_rekey=86400
rsn_preauth=0
#rsn_preauth_interfaces=eth0

More information about the Hostap mailing list