wpa_supplicant-EAP-TTLS-PAP issue

Nicolas Will nico
Mon Dec 5 12:03:33 PST 2005


Jouni Malinen wrote:

>On Fri, Dec 02, 2005 at 01:09:47PM -0600, Nicolas Will wrote:
>
>  
>
>>I'm trying to use wireless provided by my corporate network. It uses
>>WPA, EAP-TTLS, PAP phase 2 auth, TKIP, WEP104... THE AP hides its SSID.
>>madwifi      ath_hal 0.9.14.9 - ath_pci 0.9.6.0
>>    
>>
>
>It looks like EAP authentication is completed successfully and so is WPA
>4-Way Handshake. However, the AP seems to be re-transmitting Group Key
>message 1/2 which could indicate that it does not receive message 2/2
>from the supplicant. My first guess would be that the WEP104
>configuration for a group cipher is breaking unicast encryption for some
>reason. I don't think I have ever tested this kind of combination with
>madwifi, but I have seen it working with another driver. In other words,
>this could either be a problem in the driver or some kind of mismatch
>between the driver and the way wpa_supplicant is configuring the WEP key
>for broadcast frames.
>  
>


So, I had my favorite network admin turn on SSID broadcast on the AP as
a temporary measure. That way I could debug my ipw2200 connection with
one less worry.

Things started to work !

madwify is indeed buggy in my configuration.

Once SSID broadcast was turned off, I could use ap_scan=2 and a full set
of specifi directives, and it continued to work.

Nevertheless, if there is no activity on the card, I loase
authentication and the supplicant has a hard time re-authenticating and
goes into loops. If I quickly get an IP address, it looks stable..

Finally, my company is using multiple SSIDs throughout the building. Do
I just duplicate the network blocks of the conf file with just different
SSID names, all at the same priority ?

Thanks for the help.

Nico




More information about the Hostap mailing list