hostapd runs, but no control of network
Tim Boneko
tim
Sat Aug 27 07:34:54 PDT 2005
(Sent this mail a week ago, but got no reply at all. Was it lost or is
my question to silly? Please let me know...)
I compiled hostapd v. 0.4.4 with all necessary options according to
README and infos from hostap.epitest.fi. I included support for prism54
(latest stable package from prism54.org) and internal radius server.
I started it. Output looked fine, including the line "Deauthenticating
all stations". (No error messages in the output btw.)
Still all clients have a working connnection, hostapd doesn?t keep
anybody from connnecting. So i changed the config from internal radius
to a freeradius server i just installed. I configured the clients.conf
file and seem to have hostapd running with my freeradius server, but
still anybody can connect without password. Hostapd makes my wlan a
wide-open, inviting door.
Logs of freeradius look good to a freeradius newbie like me:
/var/log/freeradius/radius.log:
Mon Aug 22 15:36:29 2005 : Info: Ready to process requests.
Mon Aug 22 15:36:36 2005 : Info: rlm_radutmp: NAS localhost restarted
(Accounting-On packet seen)
/var/log/freeradius/radacct/detail-20050822:
Mon Aug 22 15:36:36 2005
Acct-Status-Type = Accounting-On
Acct-Authentic = RADIUS
NAS-IP-Address = 127.0.0.1
Called-Station-Id = "00-04-E2-80-EE-03:thalheim"
Acct-Terminate-Cause = NAS-Reboot
Client-IP-Address = 127.0.0.1
Acct-Unique-Session-Id = "60762dd8d4469af9"
Timestamp = 1124717796
...thalheim is my domain, before that is the prism54 MAC address...
Can anybody shed some light on me? What am i missing? Does the internal
hostapd radius server really authenticate anyone with any passwd? Or
could i uninstall freeradius again? Would be nice since this becomes a
bit oversized with freeradius.
Below is my hostapd.conf, just in case anybody finds the BIG MISTAKE
(tm) I tried changing most options which seemed relevant to me, but no
change at all.
Thx,
timbo
/etc/hostapd/hostapd.conf:
interface=eth1
driver=prism54
logger_syslog=8
logger_syslog_level=1
logger_stdout=-8
logger_stdout_level=1
debug=2
dump_file=/tmp/hostapd.dump
ssid=thalheim
macaddr_acl=0
accept_mac_file=/etc/hostapd/hostapd.accept
deny_mac_file=/etc/hostapd/hostapd.deny
auth_algs=3
ieee8021x=1
eap_message=hello\0networkid=netw,nasid=foo,portid=0,NAIRealms=thalheim
eapol_key_index_workaround=0
eap_server=1
eap_user_file=/etc/hostapd/hostapd.eap_user
ca_cert=/etc/ssl/certs/cacert.pem
server_cert=/etc/ssl/certs/kiste-cert.pem
private_key=/etc/ssl/private/kiste-key.pem
private_key_passwd=
check_crl=0
eap_sim_db=/etc/hostapd/hostapd.sim_db
wpa=0
wpa_passphrase=weirdpassphrase
wpa_key_mgmt=WPA-PSK WPA-EAP
wpa_pairwise=TKIP CCMP
rsn_preauth=0
More information about the Hostap
mailing list